Zoom has emerged as an indispensable video conferencing tool for remote work and study as millions of people  are forced to stay home during the COVID-19 pandemic. But a growing number of so-called Zoom-bombing incidents is prompting warnings from the FBI and from the victims themselves.

People participating in meetings and lessons via video conference platforms like Zoom can find their screens hijacked by malicious actors who can put words and images on the screen and in the chat box or create havoc with the audio.  

Dennis Johnson said he was in the middle of a video conference defending his doctoral dissertation — about the struggles of African Americans in California’s education system — when he started seeing profanity appear on the screen.

“I’m talking about … students of colour, specifically black students,” said Johnson, 28, in a Skype interview from Long Beach, Calif. ” As I’m talking about this, I see a circle on my screen … then another circle and then I see another shape. It’s a penis.”

Then he saw letters spelling out the N-word.

Johnson says he froze. Seconds later, pornographic images began appearing all over the shared screen. Eventually, someone on the call was able to remove the uninvited culprit from the group.

WATCH | Dennis Johnson is helpless to stop an online attack during his PhD defence (graphic images and language have been blurred)

He is the first college graduate in his family, so his mother and 68-year-old grandmother were watching the presentation along with his professors. He says even after he regained his composure and was told he had passed, feelings of sadness replaced what should have been pride.

“I spent three years working on this paper, you know, working on this research,” he said. “This moment was taken away from me in front of my family, in front of my friends. I was disrespected on a level that I could never imagine.”

Zoom-bombing is becoming more frequent in Canada, as well, with unidentified visitors entering private online meetings and classrooms to spew racial and sexist slurs.

Russ Klein, the head of a Jewish high school in Vancouver, told CBC News that a community gathering the school was hosting on Zoom on Tuesday was infiltrated.

Earlier this week, a 250-guest virtual town hall held by Toronto’s YWCA to discuss the impact of COVID-19 on women was Zoom-bombed as well. 

“They started shouting racial epithets, they shouted the N-word,” said YWCA Canada CEO, Maya Roy. “Two YWCA employees were sexually harassed. Comments were made about them in the chat function.”

FBI issues warning, tips

The number of incidents, known among security experts as “video teleconferencing (VTC) hijacking,” has been alarming enough that it prompted a warning from the FBI earlier this week.

“The best mitigation strategy at this point is just to let a lot of the users know that this is going on, because they’re going to be the ones that are able to protect themselves best,” Boston-based FBI special agent Doug Domin, who primarily works on cyber cases, told CBC News.

The agency also released a tip sheet that included the following:

• Keep VTC meetings private by issuing users a password or employing the “waiting room” function, which requires the host to invite each guest individually.
• Don’t share invitation links on social media.
• Keep software updated to stay on top of any security patches provided by VTC companies.

Response from Zoom

But both Roy and Johnson say they took precautions: Johnson says his faculty used the waiting room function to monitor who was part of the dissertation meeting, and Roy says while the YWCA town hall was promoted on Twitter, joining it was password-protected.

They say Zoom — whose shares have doubled in price since the COVID-19 crisis erupted in January and has experienced record downloads — should take more responsibility.

Johnson started an online petition to compel the VTC company to improve its security features. By Thursday night, it had amassed more than 30,000 signatures.

Zoom, which has already been forced to apologize for not being forthcoming about its security limitations, says it’s providing guidance to help virtual classrooms and meetings stay safe. But it hasn’t specified any plans to offer additional controls for users to prevent harassment and online attacks.

“We strongly encourage hosts to review their settings, confirm that only the host can share their screen, and utilize features like host mute controls and ‘Waiting Room,'” Zoom said in a statement to CBC News.

Marginalized groups a target

Johnson and Roy say Zoom-bombing should be investigated as hate speech because marginalized groups appear to be the main targets.

“Women, people of colour, Jewish community groups and the queer community,” said Roy. “The onus shouldn’t be on us to protect ourselves against hate online.”

While Domin says the FBI is looking into a handful of incidents in Boston, “it’s a difficult process to conduct an investigation over borders.”

“There’s no accountability online,” he said.

The FBI also says it’s hard to quantify how these types of security invasions can affect people personally, but children in particular who are exposed to graphic material or racist messages in an online classroom, for example, can have a tough time understanding what happened and why.

Johnson says even as an adult, it’s been difficult to process his own experience. He says the incident will have a lasting effect.

“Whenever somebody says ‘Dr. Dennis Johnson,’ I’m going to remember that moment and I’m going to be saddened a little,” said Johnson. “But I’m also going to remember that you have to push and you have to continue and don’t stop.”

Source link