Zoom Bombing: What It Is & How to Protect Your Online Meetings

What is Zoom Bombing?

Zoom bombing is a term used to describe a malicious act of hijacking a Zoom meeting or conference, usually performed by cybercriminals and trolls. Attackers would often join password-unprotected or public events, take over screen sharing, and show offensive or lewd content, while also either shouting profanities, or putting on pornographic recordings.

This type of attack became widespread during the pandemic, when different sectors felt pressured to resume daily activities as soon as possible. However, Zoom wasn’t prepared for such a rapid increase in its services. Additionally, the general learning curve of transitioning to online work and education left serious cyber vulnerabilities out in the open for cyber criminals to exploit. Here are some notorious examples:

• In March 2020, a virtual classroom at the University of Southern California was Zoom bombed with racist and misogynistic language. This prompted the FBI to issue an official warning about Zoom bombings.
• Alcoholics Anonymous transitioned to online meetings and also became a target for cyber bullies. One YouTuber proudly displayed over 6 hours of footage showing him harassing AA members with disturbing and triggering visuals.
• In April 2020, a Holocaust memorial online event in Berlin was hijacked with cybercriminals broadcasting photos of Adolf Hitler.

In short, a Zoom bombing is a malicious act of violating the privacy, safety and security of online participants. But how exactly do these attacks happen?

How Does Zoom Bombing Happen?

As we briefly mentioned in the previous section, Zoom became widely popular during the COVID pandemic but the platform wasn't properly prepared for it. However, this isn't the only reason why Zoom bombs started happening. Here’s a list of methods and tactics used by hackers to invade Zoom meetings:

1. Publicly shared meeting links. This is probably the most popular method as it’s also the easiest. If a Zoom meeting link is posted on social media or other public platforms, hackers have total access to them. To make matters worse, some students willingly share their online class meeting links with Zoom bomb tags on social media to get cybercriminals to hijack their classes.
2. Weak or default passwords. When everyone started using Zoom, security and meeting ID passwords were the least of their worries. Sadly, failure to set strong passwords for online meetings makes it that much easier for attackers to guess them or brute-force their way in.
3. Good old phishing. The rapid switch to remote created a near-perfect situation for phishing emails. Attackers can impersonate legitimate participants to get meeting ID and login details to gain unauthorized access.

How to Prevent Zoom Bombing?

Thankfully, as reports of Zoom bombings began to surface, Zoom started working on major security updates and patches. But there are specific actions we can all take to help keep online meetings even more private and secure.

Best Practices for Hosts

• Use waiting rooms. This feature allows you as a host to control who can enter the meeting, ultimately preventing suspicious, unknown, or unregistered individuals from having access to your online event.
• Set a password for your meetings. With a unique and strong password, you can add an extra layer of much needed protection. Also, you'll have more certainty that those who do join a meeting are authorized to do so.
• Restrict screen sharing. Limit the screen sharing feature to yourself or specific participants you know to both avoid handover confusion and prevent malicious individuals from hijacking
• Use the lock meeting feature. A good practice is to lock meetings once all legitimate participants have joined. If there are any late-comers, you’ll be able to check who’s waiting and avoid disruptive intrusion.
• Enable the 'Remove Participant' feature. Preventing hackers from entering and potentially disrupting a meeting is one thing, but this feature also means you’ll be able to control who stays in the meeting whether they’re a hacker or a troublesome participant.

Best Practices for Participants

• Don’t share your personal meeting ID publicly. You might think you’re being helpful, but sharing a personal meeting link online creates serious security breaches. While all companies restrict access and educate employees on confidentiality, students or event participants have to exercise caution and keep meeting details to themselves.
• Don’t open suspicious emails or Zoom invites. Hackers can be crafty, so make sure to verify all meeting invitations, especially if they come from unknown sources.
• Be proactive and report incidents. If someone Zoom bombs a meeting you participate in, make sure to report it to Zoom so that the appropriate actions can be taken by the platform’s support team.

Zoom's Built-In Security Features

Since the first reports of Zoom bombings started to emerge, Zoom began working on rolling out serious security patches and features. Some of them we’ve already mentioned while listing the best practices for hosts:

• Waiting rooms: to control participant entry.
• Passwords and personal meeting IDs: to enhance online meeting security.
• Screen sharing restrictions: to limit who has the right to screen share.
• Muting participants: to control who can unmute themselves during a meeting.
• Removing participants: to remove potentially disrupting individuals from a meeting.
• Reporting tools: to report incidents and other security breaches to Zoom.
• Lock meeting feature: to lock a meeting to prevent access once it starts.

Advanced Security Measures

While Zoom's built-in security features and best practices can go a long way in preventing Zoom bombing, if you really want to make sure no unwanted individuals barge into your meetings, here are additional safety measures you could consider:

• Virtual Private Networks (VPNs). VPN services like CometVPN can protect your internet connection and prevent unauthorized access to your meetings by encrypting your data and masking your IP address.
• End-to-end encryption. Several video conferencing platforms offer end-to-end encryption so only the intended participants can see the meeting content, preventing attackers from accessing it.
• Additional security tools. Consider adding more security measures, like two-factor authentication, secure meeting rooms, or specialized software to detect Zoom bombs.

What to Do If You Experience Zoom Bombing?

Even with your best efforts, Zoom bombings can still happen. When they do, follow these steps to take immediate action:

• Step 1: Remove the disruptive participant(s). Use the "Remove Participant" feature to immediately mute and remove any Zoom bombers from the meeting as the host.
• Step 2: Lock the meeting. Once all disruptive individual(s) have been removed, immediately lock the meeting.
• Step 3: Report the incident. Contact Zoom's Trust and Safety team with details about the Zoom bombing, including any information you might have about the perpetrator.
• Step 4: Notify the relevant authorities. Depending on the severity of the incident and the nature of the shared content, you may need to notify law enforcement.
• Step 5: Review and improve security measures. After the incident, review your security practices and settings to identify any vulnerabilities. If found, make sure to address those weaknesses to prevent future attacks.

Summing Up

While it’s become significantly harder for malicious individuals to Zoom bomb meetings, it still remains a major threat. It’s crucial to be aware of the risks and educate ourselves on the best security measures to avoid being attacked, or leaking sensitive data to the public. Stay up to date with the latest security updates, be cautious with weird emails, and stay safe in online meetings regardless if they’re happening in a professional setting, or when organizing a next online family get together.