If you have begun or increased your use of Teleconferencing/Telehealth to provide health care, be aware of cyber-attacks. The FBI issued a notice on 3/30/2020, which warned that bad actors have been hijacking Zoom and other teleconference platforms, disrupting them with pornographic or hate images and language.
The following steps can help to secure your teleconferences:
- Do not make meetings public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests. Other platforms also offer security settings such as meeting passwords and waiting rooms.
- Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
- Manage screensharing options. In Zoom, change screensharing to “Host Only.”
- Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.
If you were a victim of a teleconference hijacking, or any cyber-crime for that matter, report it to the FBI’s Internet Crime Complaint Center at ic3.gov. Additionally, if you receive a specific threat during a teleconference, please report it to us at tips.fbi.gov or call the FBI Boston Division at (857) 386-2000.