{"id":4192,"date":"2020-04-02T16:30:57","date_gmt":"2020-04-02T21:30:57","guid":{"rendered":"http:\/\/ndsbmcp.org\/?p=4192"},"modified":"2020-04-03T11:36:32","modified_gmt":"2020-04-03T16:36:32","slug":"fbi-releases-guidance-on-defending-against-vtc-hijacking-and-zoom-bombing","status":"publish","type":"post","link":"https:\/\/www.ndsbmcp.org\/index.php\/fbi-releases-guidance-on-defending-against-vtc-hijacking-and-zoom-bombing\/","title":{"rendered":"FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing"},"content":{"rendered":"<p><span style=\"color: #000000;\">On March 30, 2020, the FBI released an article, warning users of teleconferencing sessions being hijacked (also being referred to as \u201cZoom-bombing\u201d) all over the nation. The FBI has received multiple reports of conferences being disrupted by pornographic and\/or hate images and threatening language. In the wake of reports of this activity being reported to the FBI\u2019s Internet Crime Complaints Center (IC3 -ic3.gov), they have published the following recommendations:<\/span><\/p>\n<ul>\n<li><span style=\"color: #000000;\">Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.<\/span><\/li>\n<li><span style=\"color: #000000;\">Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.<\/span><\/li>\n<li><span style=\"color: #000000;\">Manage screensharing options. In Zoom, change screensharing to \u201cHost Only.\u201d<\/span><\/li>\n<li><span style=\"color: #000000;\">Ensure users are using the updated version of remote access\/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.<\/span><\/li>\n<li><span style=\"color: #000000;\">Lastly, ensure that your organization\u2019s telework policy or guide addresses requirements for physical and information security.<\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000;\">Additionally, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released a notice today about regarding this activity and added the following recommendations as this issue is not specific to Zoom, but rather applies to all video teleconferencing (VTC) software:<\/span><\/p>\n<ul>\n<li><span style=\"color: #000000;\">Consider security requirements when selecting vendors. For example, if end-to-end encryption is necessary, does the vendor offer it?<\/span><\/li>\n<li><span style=\"color: #000000;\">Ensure VTC software is up to date.<\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000;\">References:<\/span><br \/>\n<span style=\"color: #000000;\"> FBI:<\/span><br \/>\n<a href=\"https:\/\/www.fbi.gov\/contact-us\/field-offices\/boston\/news\/press-releases\/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic\"><span style=\"color: #0000ff;\"><strong>https:\/\/www.fbi.gov\/contact-us\/field-offices\/boston\/news\/press-releases\/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic<\/strong><\/span><\/a><\/p>\n<p><span style=\"color: #000000;\">US-CERT:<\/span><br \/>\n<a href=\"https:\/\/www.us-cert.gov\/ncas\/current-activity\/2020\/04\/02\/fbi-releases-guidance-defending-against-vtc-hijacking-and-zoom\"><span style=\"color: #0000ff;\"><strong>https:\/\/www.us-cert.gov\/ncas\/current-activity\/2020\/04\/02\/fbi-releases-guidance-defending-against-vtc-hijacking-and-zoom<\/strong><\/span><\/a><\/p>\n<p><span style=\"color: #000000;\">Zoom:<\/span><br \/>\n<a href=\"https:\/\/blog.zoom.us\/wordpress\/2020\/04\/01\/a-message-to-our-users\/\"><span style=\"color: #0000ff;\"><strong>https:\/\/blog.zoom.us\/wordpress\/2020\/04\/01\/a-message-to-our-users\/<\/strong><\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On March 30, 2020, the FBI released an article, warning users of teleconferencing sessions being hijacked (also being referred to &hellip; <a class=\"more-link\" href=\"https:\/\/www.ndsbmcp.org\/index.php\/fbi-releases-guidance-on-defending-against-vtc-hijacking-and-zoom-bombing\/\">Read more &raquo;<\/a><\/p>\n","protected":false},"author":239,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/posts\/4192"}],"collection":[{"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/users\/239"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/comments?post=4192"}],"version-history":[{"count":6,"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/posts\/4192\/revisions"}],"predecessor-version":[{"id":4207,"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/posts\/4192\/revisions\/4207"}],"wp:attachment":[{"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/media?parent=4192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/categories?post=4192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ndsbmcp.org\/index.php\/wp-json\/wp\/v2\/tags?post=4192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}