The Federal Bureau of Investigation (FBI) warned in late March that online trolls have been "Zoombombing" teleconferencing apps with pornographic videos and profanity, Sky News reported on Wednesday.
A rising number of incidences involve online trolls hijacking teleconferences without sufficient security protocols in place to block unknown users from joining calls.
One incident involving an Alcoholics Anonymous meeting was interrupted by trolls playing hardcore pornography, it was revealed.
Two further incidents involved schools being interrupted by trolls, including one shouting profanities and disclosing a teacher's home address and another showing a person bearing swastika tattoos.
According to Sky News, New York attorney general Letitia James is set to investigate the popular app over privacy and security concerns. Failures to address software issues "could enable malicious third parties to, among other things, gain surreptitious access to consumer webcams", Mrs James wrote in a letter to Zoom on Monday.
How The FBI, UK Gov't Agencies Responded
The FBI released detailed instructions in a press statement on preventing further hijackings of Zoom meetings, stating:
- Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests;
- Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people;
- Manage screensharing options. In Zoom, change screensharing to "Host Only";
- Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
British officials also use Zoom for non-classified cabinet meetings, but the Ministry of Defence (MoD) has ordered all its workers to immediately stop using the platform until investigations were completed.
MoD officials were also advised in a staff email to be "cautious about cyber resilience" in"these exceptional times", Sky News reported.
A government spokesperson said in a statement: "The MoD uses Zoom to conduct cross-government meetings for official level business. There are no plans to review this. In the current unprecedented circumstances the need for effective channels of communication is vital.
The spokesperson concluded: "National Cyber Security Centre guidance shows there is no security reason for Zoom not to be used for meetings of this kind.
But a spokesperson for Zoom commented that the company was in "close communication" with the MoD and National Cyber Security Centre and were "focused on providing the documentation they need", adding that it took users' security "extremely seriously".
A spokesperson added: "Zoom are in close communication with the UK Ministry of Defence and National Cyber Security Centre and are focused on providing the documentation they need.