Video Conferencing Application Vulnerabilities an Issue

Video Conferencing Application Vulnerabilities

Video conferencing application vulnerabilities have been frequently in the news during the Covid-19 pandemic.  During this time the use of these apps has skyrocketed due to remote work and schooling.  This has presented a tempting target for cyber criminals to steal information and disrupt activities.

Zoom Bombing Incidents

AL.COM reported that Saturday night Jewish prayer services in Alabama were zoombombed with anti-Semitic messages, swastikas, and images of Adolf Hitler.  The Selichot services held in Montgomery, Mobile, Auburn and Dothan were being held on the online video conferencing platform Zoom in lieu of in person services due to the coronavirus pandemic.

On September 14, 2020 a federal court hearing in Georgia challenging voting machines was interrupted with videos of 9/11 attacks, swastika, and porn.  Again the Zoom app was being used in the session.

A Chicago Public School virtual elementary classroom session was subjected to images of pornography and weapons.  This incident involved the Google Meet video conferencing application. 

Secure Video Conferencing Apps

All video conference tools have potential security issues.  Many however have had a history of repeated incidents involving disruption and compromise of sensitive information. 

Zoom for example was hit with multiple lawsuits for selling user data to Facebook.  Additionally, the company left thousands of personal videos on the open web.  As a result names, phone numbers, and intimate conversations were left viewable on the Zoom cloud.

There are many video conferencing apps available to the public that are considered safer to use.  These apps use End-to-end encryption, also known as E2EE, to ensure that only the participating users and access messages or media.  A TechieTechTech review rated Signal Private Messenger, Wire Platform, Facetime, and Linphone favorably. 

Video Conferencing Security Best Practices

Video conferencing is becoming more and more of a necessity as the Covid pandemic requires people to work from home and engage in virtual classrooms.  Cyber security is everybody’s responsibility.  Any application or service can be compromised by ineffective practices by the user. 

The Cybersecurity and Infrastructure Security Agency (CISA) has released guidance for securing video conferencing.  This guidance includes tips on how to ensure secure connections, control access, manage data access, and ensure latest versions of applications.  Specific guidance for remote classrooms can be found on a previous post “Teleconferencing Guidance for Education“.

CVG Strategy Cybersecurity

Video conferencing application vulnerabilities pose a significant threat to the well being and security of our families, communities, and organizations.  Our cybersecurity experts are committed to upgrading the cybersecurity awareness and preparedness of businesses and organizations. 

We can assist you in developing Information Security Management Systems (ISMS) appropriate to your unique requirements.  We specialize in ISO 27001, NIST 800-171, and CMMC Certification.  A properly structured ISMS can help your organization identify risks, employ effective security measures, and create incident response plans.  

 

Kevin Gholston

Share this post