There are growing security fears about the video-conferencing app, Zoom, as millions of people face the possibility of protracted home-working due to the coronavirus.
By the end of March, most tech giants had closed offices and shifted employee communications online. Across the world, Zoom’s popularity surged to more than 200 million daily meeting participants as workers stayed home.
But many organisations have also realised the threat Zoom poses.
The US space agency, NASA, has banned its people from using it after the FBI issued a warning about so-called “Zoom-bombing” where hackers disrupt video conferences in several ways, including threatening language and sharing porn. And Elon Musk’s SpaceX has also banned it due to concerns about Zoom’s ability to keep users secure.
Despite the warnings, there has also been some confusion about Zoom’s safety. Prime Minister Boris Johnson has been using it to hold virtual cabinet meetings while the Ministry of Defence has banned staff from using it. A government spokesperson defended the PM’s use of it, saying that the National Cyber Security Centre guidance shows there is no problem using Zoom for such meetings.
While some flaws in earlier versions of Zoom have been ironed out, even Zoom’s creators concede it’s currently not possible to enable end-to-end encryption for its video meetings. They’ve openly admitted the app’s shortcomings by publishing an article advising how to keep the bombers out.
Zoom also collects some personal information about customers and shares it with third parties so its creators have now advised users to verify links and the ID of senders before clicking on them because criminals could publish phishing pages that look like Zoom.
Gary Jowett, from Computer & Network Consultants (CNC) in Brighton, says: “One of the attractions of using Zoom is that its basic version is free to use and it’s easy to set up. So, for many Sussex companies who suddenly had to send their staff home, it was the prominent tool to use. But Zoom comes at a hidden cost. It exposes companies to the potential theft of commercially sensitive data which could have a devastating effect on your business.
“There are much safer alternatives which provide end-to-end encryption so that the personal and commercial information of your business and its employees isn’t open to exposure and exploitation. It’s worthwhile getting independent advice about the best tools to use for video conferencing and other remote working activities because a return to normality looks unlikely at present.”