Uh, guys — 'Zoombombing' could result in criminal charges, Michigan AG says

Share on Nextdoor
click to enlarge Uh, guys — 'Zoombombing' could result in criminal charges, Michigan AG says

In the age of coronavirus, working from home is no longer a once-in-a-while luxury — for many of us, it's our new normal. And with that comes, well, a lot of distractions, which include those that can occur during a meeting while using popular video conferencing apps like Zoom. In some cases, you might get an unexpected visitor. Welcome to the world of “Zoombombing,” our latest technological nightmare — and it's totally illegal.

Attorney General Dana Nessel echoed the warning issued by the FBI on Thursday regarding the latest video-conferencing trend, “Zoombombing,” during which conferences are hijacked by uninvited users.

This week a Zoom meeting between We the People of Detroit and the Turn on the Water Coalition was hijacked by users who drew genitalia on the screen and repeatedly used racist language. Grosse Ile Township board of trustees found themselves in a similar position this week when hackers hurled racist slurs and obscenities during a city council meeting.

But it's not just businesses who are relying on services like Zoom to stay connected. With 9 out of 10 of all children in the world out of school due to coronavirus closures, teachers and parents are relying on the app, too. Late last month, a Massachusetts-based school suffered a Zoom infiltration, in which an uninvited man with swastika tattoos appeared in the meeting. An elementary school in Utah was exposed to pornography and explicit language for a few seconds when a meeting between the principal, faculty, and 50 students was hijacked.

“We were alerted to this problem by a Michigan reporter who participated in a Zoom conference that was hijacked,” Nessel shared in a press release. “Since then we have learned of other incidents around the country. There are steps people can take to protect their cybersecurity and we encourage all users to follow the proper procedures to ensure their teleconferences are secure.”

Nessel notes that Zoombombing could result in criminal charges under the state's Fraudulent Access to a Computer or Malicious Use of Electronics Communication acts.

As it turns out, Zoom is riddled with security weaknesses. Recently, Zoom had to make a recent software update to prevent the app from sending data from iOS users to Facebook. Former NSA hacker Patrick Wardle says there may be a direct link between security vulnerability and Zoom users who operate the app from their Mac products. Researchers from the University of Toronto have also found Zoom's “waiting room” feature may be another source of the app's cyber insecurity, which can be traced all the way to China, where Zoom “appears to have at least 700 employees across three subsidiaries” — alleging the app may send encryption keys to China, or as Forbes explains, “the chunks of data that can unlock conversations.”

The FBI urges Zoom users to take precautions before setting up a meeting. The program allows users to make meetings private, which requires a password to use the waiting room feature and moderate guests. They also advise to not post teleconferencing links on social media, which users may do so unknowingly if they share screencaps. Also, make sure to keep your screen sharing option on “Host Only,” as this feature offers another layer of control within the app.

If you have been a victim of teleconference hijacking or other cyber-crimes, you're encouraged to report the incident with the FBI's Internet Complaint Center, which you can do so by visiting tips.fbi.gov.

Stay on top of Detroit news and views. Sign up for our weekly issue newsletter delivered each Wednesday.
Scroll to read more Metro Detroit News articles


Join Detroit Metro Times Newsletters

Subscribe now to get the latest news delivered right to your inbox.