What is ‘Zoom-bombing’ and how to stop it

How to address Zoom-bombing, a growing cybersecurity threat.
Image: Cody DeBos | The Burn-In

Due to the COVID-19 pandemic, employees have turned to videoconferencing software like Zoom to work from home. While Zoom is an extremely helpful tool, it isn’t without its flaws. Specifically, a concerning cybersecurity trend is popping up as “Zoom-bombing” becomes more common.

Just like your boss drops into an in-person meeting unannounced, troublemakers are joining business Zoom meetings without an invite. They then proceed to disrupt the conference, sometimes even causing it to be canceled altogether. Large companies and small groups alike have been afflicted by this annoying trend.

Taking the right steps to prevent Zoom-bombing can keep your virtual meetings secure. Learning to do so now can save you a great deal of headache down the road.

Manage your supply chain from home with Sourcengine

Zoom-bombs Away

The ability to hijack a Zoom meeting isn’t new. All you need is the link to the meeting (if it’s public) and a computer to join without an invitation. However, it has become problematic over the past few weeks due to the increased number of users on the platform.

Thanks to COVID-19, Zoom is now a prime target for mischief, and worse, spreading malware.

Zoom-bombing isn’t just something that affects the non-tech savvy crowd. Jessica Lessin, editor-in-chief of The Information, knows this firsthand. She detailed in a tweet how her videoconference was hijacked by a user that went on to share pornography in the meeting.

Obviously, that type of behavior is unacceptable in any professional meeting. However, it isn’t the only problem Zoom-bombing creates. Other uninvited guests use the platform’s file sharing feature to digitally send out malware to unsuspecting employees. Meanwhile, some troublemakers simply enter a meeting and start screaming simply for the purpose of causing a disruption.

How to Avoid Zoom-bombing

As the issue of Zoom-bombing continues to grow, the company itself released a blog post about how to avoid it. Cybersecurity experts have also pitched in their best practices to keep Zoom meetings secure.

Arguably the most important step is to avoid sharing meeting links whenever possible. Anyone with the link can join a public Zoom meeting—which is why Zoom-bombing has become so popular. As such, not sharing links to social media and public forums is a great way to mitigate the possibility of hosting uninvited guests.

However, that isn’t foolproof. Ill doers can still find their way into meetings where they don’t belong. Customizing your meeting settings can help decrease their ability to cause disruptions.

Turning off screen sharing capabilities for everyone but the host is a great first step.

In response to the uptick in Zoom-bombings, a company spokesperson said, “We have been deeply upset to hear about the incidents involving this type of attack. For those hosting large, public group meetings, we strongly encourage hosts to change their settings so that only the host can share their screen.”

Likewise, turning off file sharing can reduce the risk of malware-ridden files being spread through the meeting. For conferences that will contain sensitive information, enabling a password is also a good idea.

Jake Moore, a cybersecurity expert, told Forbes, “This is effectively two-factor authentication for participants to use before entering the chat. Again, this password should only be shared privately.”

Although Zoom is a powerful productivity tool, it isn’t flawless. By taking steps to protect themselves against Zoom-bombings, users should be able to continue utilizing it to work from home. Not doing so could result in some awkward virtual workplace situations.


Please enter your comment!
Please enter your name here