BREAKING NEWS Deadly rollover wreck in Hartselle Full Story
SEVERE WX : Flash Flood Watch - Flash Flood Warning - Flood Advisory View Alerts

Cyber security experts advise using best practices to avoid cyber attack known as 'Zoom bombing'

The FBI has published guidance on protecting yourself against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing”).

Posted: Apr 9, 2020 11:12 PM

With many of his tour dates cancelled due to coronavirus restrictions, Comedian Rocky Dale Davis spent part of his Tuesday talking with his fans through Facebook. 

After getting the suggestion that he hold a video chat through that would be accessible to more of his fans, Davis launched a Zoom meeting with about 50 or so people. 

That was when an unintended guest took control of the event and started spamming it with explicit visual material and started shouting racial slurs. 

"Obviously, I didn't do it, but I'm the one that set up this room for them to come in and it just reflected badly on me," Davis said.

Davis became the unwitting victim of a type of cyber attack that has become more prevalent with more people working remotely. It's called "Zoom-bombing."

"It's one of those things that if you're not used to the tool or you don't use the tool pretty regularly, there are some things that you do need to keep in mind," said Chuck Speaks, the vice president of economic development for Cyber Huntsville.

Speaks said so-called "Zoom-bombing" existed before this work-from-home period that many are finding themselves in these days. He added that it's also not something that only happens in the Zoom app.

"Some other platforms, such as WebEx, had these exact same phenomenon or issues. If you had the public URL, then anyone could join," said Speaks.

Cyber security experts who spoke with WAAY 31 on Thursday said that users should feel comfortable using video meeting applications like Zoom and Skype, but there are some best practices that they can implement, especially with Zoom, to keep themselves safe.

Users should not widely publish your meeting information. They should also create a password that guests need to access the meeting space. They also suggest that when using Zoom, to place guests into a virtual waiting room so that the host can bring people in individually so that they know everyone in the conversation is supposed to be there.

Daniel Lambert, the vice president of the Land, Air and Space division of cyber intelligence firm, Sentar, said a better way to think about "Zoom bombing" is that it's less of a hack of the system and more indicative of imperfect default settings.

"It's really just the default configuration is rather insecure. So there's a lot of education that goes into helping our colleagues use the application and other applications in a secure fashion," said Lambert.

He told WAAY 31 that they're aware of a number of "Zoom-bombing" events that have popped up within the academic space.

"So a lot of teachers and professors were just starting a class and they were allowing themselves to have anybody, literally anybody, come in, join their class, and they could either broadcast audio or broadcast video or take over a presentation and basically disrupt the whole event," said Lambert.

And while the Alabama School of Cyber Technology and Engineering is still in the works, its president, Matt Massey said they're already discussing ways their students will be able to help fix some of these problems in the future.

"So when you're engineering something, at the same time, thinking how can you protect this to ensure that it's not going to be hacked," said Massey.

Meanwhile, the FBI said if you are the victim of "Zoom-bombing," it is considered a cyber crime and should be reported to its Internet Crime Complaint Center. You can find more about the center by clicking, here.

71° wxIcon
Hi: 75° Lo: 70°
Feels Like: 71°
73° wxIcon
Hi: 78° Lo: 70°
Feels Like: 73°
70° wxIcon
Hi: 74° Lo: 69°
Feels Like: 70°
70° wxIcon
Hi: 75° Lo: 70°
Feels Like: 70°
71° wxIcon
Hi: 74° Lo: 71°
Feels Like: 71°
WAAY Radar
WAAY Temperatures


Community Events