The quarantine has been in countries all over the world for more than four months now. With the extension, there seems to be an extraneous need to keep in touch with our loved ones. All around the globe, people are using more and more methods of communicating, some diversifying into video chats, group calls and conference sessions. While they have succeeded in keeping the work from home industry alive, there seems to be an added concern regarding their data privacy. With more of the world going online day by day, it is effortless to get a person’s information and sensitive data with just a click. There are increasing threats to people online and monetary security due to this globalization. And what’s more, these concerns arise not from the work of an individual hacker, but large corporations themselves.
In 2013, Cambridge Analytica and Facebook were found guilty of harvesting million’s of people’s data and using it for political advertising. The company has committed acts of data breaching, illegal acquiring, data mining and analysis for political reasons. The data that they acquired was allegedly used for both bringing up and tearing down political campaigns by influential figures. The company had breached Facebook’s terms of service, through an app called ‘This Is Your Digital Life’. With Steve Bannon, Trump’s White House Chief Strategist being on the founding committee, there was increased suspicion, that this process was entirely responsible for Donald Trump’s digital campaign. The expose resulted in Cambridge Analytica filing for Insolvency and Facebook having to give up around 17 per cent of its shares.
What Does This Have To Do With Zoom?
There is a relation to this story of mine and the topic I wish to tackle today. With data breaching and manipulation possible on such a significant level possible right in 2013, there is no guarantee of such a thing not being possible in 2020. Such apps and breaches could be parading right under our noses and stealing sensitive information. And yet we wouldn’t know. And that is what we suspect came out of Zoom, a Chinese video conferencing website cum social media app.
Zoom is a Chinese application available as both a phone app and a web browser, that enables a person to video call a large number of people at any given moment. Despite there being several apps that do the same, none match the magnitude that Zoom covers. And with the quarantine coming down hard in March, numerous companies and institutions scrambled to look for video conferencing tools that could keep their employees in touch and abreast with their work. Schools and College also continued their education process through a series of online classes. With almost the entirety of the world depending on Zoom to stay in touch, many questioned the veracity of Zoom’s claims about being a completely safe and secure site.
Why is Zoom Unsafe Though? Was it Exposed to Be Fraudulent?
Zoom is just as unsafe as 45% of all the companies out there. More than 45% of companies in the world have experienced a data breach in the past year. There haven’t been any revelations by the video conferencing website. However, a slew of security concerns have arisen. Along with a lot of sensitive information being on the down and out concerning participant’s identities, there was also the fact that none of the videos were end-to-end encrypted.
ZOOM servers are not secure and are susceptible to remote end attacks from other participants. What this means is that any participant, once registered into the app, can interfere and release malicious attacks on another participant without any precedent.
ZOOM is an unprotected application and is susceptible to hacker attacks. Hackers can quickly get into the app and steal sensitive information such as user’s Windows passwords. They can further use this data to corrupt personal devices and crash systems.
Have There Been Any Reports of Such Attacks or Data Breaches?
There have been accusations, yes, but there is no definite proof as to there being any data infringement by the application itself. Most of the regulations that are in place by countries across the world are about security concerns. ZOOM, from the get-go, appears to be a very insecure application. If not customized the right way by the administrator, the app can admit anyone into a meeting, as long as they have an email and the meeting’s id.
Zoom conferences are very susceptible to hacker attacks. A recent zoom meeting held by the BARC for its higher-ups terminated due to the hacking. Miscreants had hacked into the conference and had taken control of the chatbox. This lead to the cancellation of the meeting.
What Can We Do to Protect Ourselves if We Can’t Help Using The Application?
We would recommend you to avoid using the application altogether. If that is not possible, there are a list of regulations that The Cyber Co-ordination Centre has released under the Ministry of Home Affairs, India.
- You must set a new user ID and password for each meeting. Also, try to avoid using your email id for the meeting. You could use a decoy email id that doesn’t contain any of your sensitive information or doesn’t link itself to any other accounts of yours.
- Enable the meeting room and disable the option of joining before the host. It helps the host monitor the incoming and outgoing participants and weed out participants who shouldn’t be in the meeting.
- Allow screen sharing by the host only. It prevents miscreants from showing unwanted images and fiddling with the controls of the meeting.
- Disable removed participants to join again. Participants kicked out by the host will remain unable to join again and will have to ask for permission to enter again.
- Restrict the recording feature. Enable recording only to the host, in case there needs to be evidence of malicious activities. However, if the discussion is sensitive to the organization, restrict recording to prevent leaks.
If you follow these rules, there is a possibility that you shall remain safe from any malicious activity. However, this is not a guarantee. The best idea would be to shift to a different application, such as Google Meet or Microsoft Teams. Data security is one of the essential requirements of the 21st century. And with a population using the internet with no actual knowledge of how it works, we are all sitting ducks to the threats that the internet poses.