Video conference calls are getting hijacked. Here's how to prevent it

Posted at 7:32 AM, Apr 03, 2020
and last updated 2020-04-03 07:38:32-04

LANSING, Mich. (WXYZ) — Michigan Attorney General Dana Nessel is warning consumers of potential hijacking and cybersecurity breaches as more people move to video-teleconferencing for remote communication amid the COVID-19 outbreak.

Attorney General Nessel issued a consumer alert to make people aware of the situation. The warning taken by the Attorney General’s office follows a similar alert made by the Federal Bureau of Investigation.

“We were alerted to this problem by a Michigan reporter who participated in a Zoom conference that was hijacked,” Nessel said. “Since then we have learned of other incidents around the country. There are steps people can take to protect their cybersecurity and we encourage all users to follow the proper procedures to ensure their teleconferences are secure.”

The FBI has received multiple reports of teleconferences set up through Zoom being disrupted by pornographic and/or hate images and threatening language. Schools using the technology to conduct classroom exercises have also reported interruptions in video-teleconferencing sessions.

In Michigan, this conduct could result in criminal charges under several statutes relating to Fraudulent Access to a Computer or Network and/or Malicious Use of Electronics Communication.

The FBI recommends taking these steps to prevent teleconference hijacking threats:

  • Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
  • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
  • Manage screensharing options. In Zoom, change screensharing to “Host Only.”
  • Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated its software. In the security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
  • Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.

The FBI asks victims of teleconference hijacking, or any cyber-crime, to report it to the FBI’s Internet Crime Complaint Center.

Additional Coronavirus information and resources:

Read our daily Coronavirus Live Blog for the latest updates and news on coronavirus.

Click here for a page with resources including a COVID-19 overview from the CDC, details on cases in Michigan, a timeline of Governor Gretchen Whitmer's orders since the outbreak, coronavirus' impact on Southeast Michigan, and links to more information from the Michigan Department of Health and Human Services, the CDC and the WHO.

View a global coronavirus tracker with data from Johns Hopkins University.

Find out how you can help metro Detroit restaurants struggling during the pandemic.

See all of our Helping Each Other stories.

See complete coverage on our Coronavirus Continuing Coverage page.