Video calling platforms such as Skype, FaceTime, and Zoom have experienced an unprecedented amount of use over the last few weeks while people acclimate to remote working and stay-at-home orders. However, use of such platforms is not without its risk — indeed, a new phenomenon known as “Zoombombing” has emerged as a potential privacy risk to those engaging in video conferencing. With potentially sensitive information being disclosed over virtual meetings, such as legal and medical advice, understanding Zoombombing and ways to prevent it is critical.
“Zoombombing” is “a type of cyberattack; it describes when someone hijacks a Zoom teleconferencing chat.” Zoombombing has become so prevalent within the last month that the FBI has released an article and guidelines on the topic, noting that the “FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language.” Specifically, there have been reports of classroom lessons and virtual dissertations being interrupted by Zoombombers peddling inappropriate content. Altogether, Zoombombing presents a big privacy concern, whether you are disclosing confidential information, giving an important presentation, or educating minors.
No! Zoombombing is not legal. The act of “Zoombombing” could be considered either a federal or state offense. Federally, the Computer Fraud and Abuse Act may provide some leverage for prosecuting meeting hackers. States have varying laws prohibiting computer hacking and hijacking, with Michigan, for instance, having the Fraudulent Access to a Computer or Malicious Use of Electronic Communication Act. Michigan Attorney General Dana Nessel has warned that Zoombombing could result in criminal charges. The FBI encourages anyone who is the victim of teleconference hijacking such as Zoombombing or any cyber-crime to report it to the FBI’s Internet Crime Complaint Center. While it is still sometimes difficult to ascertain the identity of a Zoombomber, filing a Complaint about a Zoombombing offense is still advised.
There are some best practices that you can implement to prevent a Zoombomber from entering your next virtual meeting. The FBI recommends the following best practices:
Additionally, Zoom provides some in-app security features to help combat the entrance of Zoombombers into your virtual meeting. First, you can lock the meeting after it has commenced, which will prevent any new participant from joining, even if they have the meeting password. Second, you can expel a particular participant by hovering over that participant’s name and selecting “remove.” To keep an unwanted user out after removing them, promptly lock the meeting.
If you have questions about Zoombombing and your legal rights pertaining to the same, Traverse Legal’s expert attorneys can help provide some guidance. Until next time, we wish you safe, happy, and productive video conferencing!