March 25, 2020 - As the coronavirus (COVID-19) pandemic continues to evolve, more and more people globally are beginning to use web video conferencing tools such as Zoom, to ensure continuity of services. Unfortunately, this has also created an avenue for digital intruders, who are finding ways to disrupt Zoom sessions.
This new intrusion is called Zoom-bombing. Zoom-bombers join random Zoom sessions to cause mischief (showing pornographic images, for example) and potentially to listen in on meetings to gain sensitive information.
Zoom has released guidance for users who want to protect themselves from Zoom-bombing. Here are the top tips:
- Avoid hosting large meetings or ‘public’ events using your Personal Meeting ID (PMI). Your PMI is basically one continuous meeting and you don't want trolls invading your personal virtual space. Instead, Zoom suggests using random meeting IDs for your large meetings.
- Lock your meeting. You can lock a Zoom meeting once it is started and all your expected participants have joined. This prevents any new participants from joining, even if they have the meeting ID and password (if you have required one). To do this, in the meeting click Participants at the bottom of your Zoom window. In the Participants pop-up, click the button that says Lock Meeting.
- Require a password to join your meeting. You can require a password for any meeting when you schedule it and/or as a default for all personal ID meetings by signing into Zoom and clicking on Meetings and the Personal Meeting Room to access the password setting.
- If you find yourself with a disruptive participant in your meeting, you can remove them. Click on Participants at the bottom of your Zoom window then select More and Remove for the participant that you want to eject from the meeting.
For more information contact the CSUCI Information Security Team at infosec@csuci.edu.