Governments across the world have been instructing people to work from home as much as possible to limit the spread of the deadly Covid-19 virus. As a result, we’ve seen an increase in the use of video conferencing services to host virtual meetings between colleagues. And families are also getting together online to stay in touch using the same tools.
But like every system that suddenly becomes popular, hackers have turned their attention to video conferencing platforms. Some will want to steal information while others just want to cause trouble. Here’s what you need to know.
Zoombombing
Zoombombing is when an uninvited person hijacks a video conference. Sometimes they will simply ‘listen in’ unnoticed trying to steal the sensitive information being discussed. Others will set out to deliberately disrupt the meeting, playing loud noises or displaying offensive imagery to upset other users.
By default, some apps like Zoom allow anyone to share their screen, taking control away from the meeting host. The easiest way to prevent zoombombing is to adjust your settings to disable ‘public’ screen sharing before the meeting starts.
When inviting people to a video call, do not share the meeting link publicly. If your link is shared on social media or other public websites anyone with can click to join.
End-to-end encryption
Families often talk about very sensitive issues. If the information were to become public, it could be extremely embarrassing.
The best way to prevent sensitive information being exposed or stolen is through encryption. Almost all video calling apps offer some degree of encryption usually to prevent hackers from breaking into your calls in progress. Anything that is stored in the service, like recordings or images, does not enjoy the same level of encryption however. If the service provider can access those recordings, so can anyone else (theoretically).
The only way to protect everything is through end-to-end encryption This ensures that your calls are secured and anything saved is only accessible by you and your family.
Apple FaceTime is currently the only consumer service offering complete end-to-end encryption for video calling. This makes it the most secure option for your sensitive family conversations.
But we don’t all have iPhones…
But FaceTime is only available on Apple devices. What can Android and PC users rely on instead?
It is important to note that although Zoom is being heavily criticised, many of the same problems are present in other services. Google Hangouts, Facebook Messenger, Skype – all could be broken into by determined hackers.
One alternative option is Signal. This ‘ultra-secure’ app runs on Android phones and Windows PCs and is designed to auto-destruct messages within minutes of being read. And although it is targeted at instant messaging, you can also make video calls using the app. The risk of information being stolen from the Signal app is relatively small.
Zoom is improving
In recognition of current criticism, Zoom has just purchased a company called Keybase. Keybase specialises in messaging encryption – and Zoom plan to use that technology to build end-to-end security into their service. Calls will definitely be a lot safer once the integration has been completed.
As with any online service, you should carefully consider the information being shared before making the call. If you can’t be sure the app is secure, do not share secrets during your chat.