With the coronavirus pandemic lockdown preventing people from going to office and meeting friends and families, many have turned to video conferencing apps and services to stay in touch and also work remotely. Perhaps the most popular and most downloaded of these video calling services is Zoom, which has seen a ten-fold boom in revenue thanks to the pandemic.
However, all the popularity and growth has made Zoom a hot target for hackers and pranksters to invade public or private meetings on the platform to display objectionable content, including pornography and other hateful imagery in a practice that is popularly being referred to as "Zoom-bombing."
Think twice before you Zoom-bombing
But now, those thinking of accessing other people's accounts and Zoom bombing their meetings may want to re-consider their action as the US Department of Justice has warned that anyone who Zoom bombs into a video conference could face potential legal consequences.
According to a report from The Verge, the US Attorney's office for the Eastern District of Michigan has published a press release on the Department of Justice's website, with support from the state attorney general and the FBI.
The press release warns about the legal consequences of Zoom bombing saying:
"Michigan's chief federal, state, and local law enforcement officials are joining together to warn anyone who hacks into a teleconference can be charged with state or federal crimes.
"Charges may include – to name just a few – disrupting a public meeting, computer intrusion, using a computer to commit a crime, hate crimes, fraud, or transmitting threatening communications. All of these charges are punishable by fines and imprisonment."
The press release has also asked anyone who falls prey to teleconference hacking to report the incident to the FBI's Internet Crime Complaint Center.
You think Zoom bombing is funny?
The US Attorney for the Eastern Michigan district, Matthew Scheider, explained the seriousness with which the state plans to tackle the menace of Zoom-bombing by putting it in a manner most understandable:
"You think Zoom bombing is funny? Let's see how funny it is after you get arrested. If you interfere with a teleconference or public meeting in Michigan, you could have federal, state, or local law enforcement knocking at your door."
Tips to avoid being Zoom-bombed
The press release also shared some useful tips that businesses, schools, political offices and individuals can take to avoid getting their Zoom meetings hacked or Zoom-bombed.
It warns that most of the time, the organizer of the meeting or call overlooks some key privacy settings that would otherwise help protect the call from a prankster or any third-party from sneaking into it.
"Do not make the meetings or classroom public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guest," the guidance reads.
"Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people."
It also asks users to manage screen sharing options in Zoom to allow only the host to use this feature and to ensure that all participants are using the latest updated version of the software.
Zoom promises to fix security concerns
Zoom has released quite a few updates over the week to address some of the concerns from the media and security experts regarding its privacy and security policy. Of late, the service has been embroiled in a controversy surrounding how secure the meetings and chats are on the platform because they are not end-to-end encrypted and some of them pass through Chinese servers. Zoom CEO Eric Yuan said the "company moved too fast" and "had some missteps" and has promised to beef up its user and platform defenses in the coming weeks.
How did Zoom-bombing begin?
The trend of Zoom-bombing began as more and more people across the world began going into self-isolation due to the Covid-19 pandemic. Following this, many businesses and educational institutions moved from in-person meetings to remote conference calls on platforms like Zoom and this led to increased downloads and usage, opening the doors for pranksters and hackers to use Zoom as a weapon to hack calls and play pranks.
According to the New York Times, the weaponization of Zoom is not just for pranks but also for launching harassment campaigns which have become a major concern at the highest levels of law enforcement, as many online groups gather on Instagram, Reddit, Twitter, and 4Chan to coordinate attacks.
The most vulnerable hosts of these campaigns are school classrooms, political meetings and other sensitive gatherings.