Evaluate your SIEM
Get the guideComplete visibility for DevSecOps
Reduce downtime and move from reactive to proactive monitoring.
April 9, 2020
In times when a majority of employees are working from home due to the global coronavirus pandemic, enterprises are extensively relying on collaboration tools like Zoom to keep their employees productive and engaged.
Only in March, the daily usage of Zoom Videos increased over 5 times. The platform made it easy for company employees and clients to hop on meetings whenever needed and for schools and students to continue education online. However, this sudden increase in the platform’s popularity made it equally easy for cybercriminals to hijack meetings and exposed severe privacy shortages.
In this article, we will discuss:
As more than 90% of Americans were forced to work from home in March and started to increasingly rely on Zoom for work-related meetings, it has been pointed out that the communication platform didn’t use end-to-end encryption. Last week, Zoom CEO and founder Eric S. Yuan apologized for the confusion related to this issue. In another message to users, he also acknowledged the security and privacy shortcomings and prioritized to fix them. "We recognize that we have fallen short of the community's – and our own – privacy and security expectations. For that, I am deeply sorry," Yuan wrote, explaining that Zoom “was built primarily for enterprise customers – large institutions with full IT support.”
He added that Zoom would be "enacting a feature freeze, effectively immediately, and shifting all our engineering resources to focus on our biggest trust, safety, and privacy issues."
Despite the recent crisis, Zoom remains one of the best productivity tools out there. It’s easy and seamless to use - meeting participants can join via a shared link from any location without any software downloads. It works just as well for private gatherings among friends, conducting online lessons and staff meetings. Gartner has rightfully placed it among the market leaders in ICT provision - Microsoft and Cisco.
A significant number of the so-called Zoom bombings - the practice of hijacking video conversations by uninvited parties to disrupt the usual proceedings - were reported since the global quarantine began. Hijackers, who can be anyone from school children spreading hateful comments or threats, to adults spreading racist content or even porn, have given rise to a new kind of internet trolling. IT Security Administrators must be weary of this phenomenon and implement stringent policies to prevent such attacks.
It has been reported that attackers can use the Zoom Windows client's group chat feature to share links that will leak the Windows network credentials of anyone who clicks on them. It happens because the Zoom client converts Windows networking Universal Naming Convention (UNC) paths into clickable links. When someone clicks on that link, Windows shares the user’s login credentials. This is usually a consequence of unwarranted logins to the enterprise cloud architecture, so keeping strong password policies is crucial, just as knowing about every instance of UNC path sharing.
According to Business Insider, Zoom has been accused of passing on data to third parties, including Facebook, without notifying the users. Vice reported that the iOS version of Zoom's app sends analytics to Facebook even for users who don't have a Facebook account, attacking the privacy of its users.
Zoom offers best-in-class performance. Nonetheless, in areas with poor reception or the strained WiFi networks at home, its quality of meetings may downgrade. IT Administrators may find it challenging to monitor whether the tool is performing as expected for their employees.
When your employees rely on a single tool to plan, collaborate and make decisions, a single disruption can negatively impact the overall schedule. IT Administrators must be notified in advance when Zoom is unavailable or not performing as expected, so they could in turn inform their employees to use alternate collaboration software.
As an IT Security Administrator, ensuring that employees are following the organization's security policies is in your job description. The following best practices are instrumental to protecting your enterprise from Zoom bombings and other security challenges:
Reduce downtime and move from reactive to proactive monitoring.
Build, run, and secure modern applications and cloud infrastructures.
Start free trial