Cyber criminals hijack video calls; FBI provides recommendations

April 15, 2020 Gracie Awalt

By Gracie Awalt, Marketing Associate

Telemedicine is more important than ever before, and teleconferencing software is rapidly being used to connect people across the world during the pandemic. This increased dependency on teleconferencing has created new opportunities and incentives for cyber criminals to hack into video calls.

The Federal Bureau of Investigation (FBI) has received reports from across the nation of hijackers disrupting video calls with pornographic or hate images, threatening language, and profanity. Increased traffic on videoconferencing software has revealed vulnerabilities in cyber security safeguards, such as the need for passwords.

Eric Yuan, the founder and CEO of Zoom, announced in a press release that the company has seen a massive increase in paid and free participants. Last December, the number of daily participants reached 10 million. This March, that number reached 200 million. 

“We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived,” Yuan said.

Zoom has worked to increase its cyber security safeguards, but there are ways users can ensure increased teleconferencing security. The FBI has issued the following recommendations.

  1. Do not allow virtual meetings to be open to the public. Use the features available in your teleconferencing platform to ensure privacy. In Zoom, enable the feature that requires participants to use a meeting password, or use the waiting room feature to control participant access.
  2. Provide links to meetings directly to intended participants. Do not share meeting links on social media, because posts can be unrestricted and publicly available to everyone.
  3. Become educated on your teleconferencing platform’s screen sharing options. In Zoom, screen sharing can be limited to “Host Only” to eliminate the chance that a hijacker will control the screen.
  4. Continuously update your teleconferencing software. Each update improves meeting security by adding new defenses and safeguards against hijackers. The Cybersecurity and Infrastructure Security Agency explains the importance of software updates and describes best practices here.  
  5. Include provisions in your organization’s telework policies that direct employees to address requirements for physical and information security.

If you are a victim of a teleconference hijacking, file a report with the FBI’s Internet Crime Complaint Center at ic3.gov. Additionally, if you receive a specific threat during a teleconference, please report it to tips.fbi.gov or call the FBI Boston Division at (857) 386-2000.

 

Previous Article
Cyber criminal pretends to be OCR investigator to obtain PHI
Cyber criminal pretends to be OCR investigator to obtain PHI

The OCR is warning about an increase in malicious behavior by cyber criminals seeking access to protected h...

Next Article
Coronavirus: Answers to your risk management questions
Coronavirus: Answers to your risk management questions

On-demand webinar discussing: HIPAA and patient privacy; sharing PHI with public health authorities; and pr...

Podcast: Tech, Telemedicine, Tomorrow

LISTEN