
Beware of hackers looking to take advantage of online communication platforms

Check Point's regional director for Africa Pankaj Bhula warns that hackers may try to take advantage of online communication platforms while people work from home.

As millions of South Africans work from home during the lockdown, Check Point’s regional director for Africa Pankaj Bhula warns that hackers might try to take advantage of this.

On 15 April, a video meeting hosted by the Department of Women, Youth and Persons with Disabilities was hacked, and instead of being able to view the discussions, journalists were bombarded with pornographic images. The meeting ID for Zoom was shared widely in order to encourage participants to join.

Bhula said, “With lockdowns and restrictive measures in place to fight the spread of Covid-19, working from home has become the new normal for many people. However, this has also opened up new opportunities for cybercriminals. Cybercriminals are acutely aware that most organisations currently depend heavily on online communication platforms to be able to operate and remain in contact with employees, as well as clients.”

He said that the Check Point Research team has observed new phishing websites for each one of the leading communication applications that impersonate the official websites.

“However, we have seen Zoom being targeted aggressively by cybercriminals. We have observed a drastic rise in the number of Zoom domains registered. Since the advent of the Covid-19 pandemic in January, over 1 700 new domains containing the word Zoom have been documented.”

He added that Check Point has deemed 70 of these domains as suspicious. “The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that Covid-19 has forced, and they see it as an opportunity to deceive, lure and exploit.”

Bhula offered some tips that an individual can use, particularly on Zoom, to ensure that they stay safe:

Keep up to date

In order to maintain effective security, the Zoom software must be updated frequently. The updates that tech companies offer for their products not only add new options and features but also address ‘bugs’ and security breaches found – such as the ability to discover and eavesdrop on meetings as mentioned above.

Use a login password

“Our investigation into Zoom conference security showed how an attacker could guess random numbers allocated to Zoom conference URLs and penetrate them without alerting the hosts. The breach happened with conversations where no passwords were set. Zoom fixed the security breach and adopted our recommendations, with all scheduled meetings automatically protected by a password. The requirement to present a password before entering the conference, in addition to displaying the call number, provides sufficient security. But in order to be fully protected, attention must be paid to how we invite the various participants into the call. Another way to control who enters the call is the ‘Waiting Room’ option, in which a call manager creates a ‘Waiting Room’ through which the participants can connect, but only if the call manager confirms the participants one by one or as a group. You can do this in the ‘Advanced Options’ drop-down menu when you want to schedule a call.”

During the call – manage your participants

“Even if we have decided to use the less secure link-sharing option, we may prevent instances of participants displaying inappropriate content by restricting the use of the camera by participants. The conversation manager can decide who can use their camera and microphone by clicking ‘Manage Participants’.”

Assume what happens in Zoom does not stay in Zoom

“Zoom allows you to record video calls and export them as video files as soon as the call ends. This is a very useful tool when you want to update those who were not present at the meeting. The security problem that comes with using this tool is almost self-explanatory: since conversation participants can export the recorded file, the file can actually find its way into malicious hands. To reduce the possible dangers from using the recording tool, the call manager can decide which of the participants may record the call through the participant management window and click ‘Allow Record’. Do also take note that the participant can always record the conversation using external software for recording the screen. Therefore, always assume that you may be recorded and act accordingly. After the call, if you have recorded it, ensure you don’t upload it to a shared platform like an information-sharing cloud that is open to other parties.”

Eric Yuan, the founder of Zoom, has begun hosting a weekly question-and-answer session to help address security concerns that people may have with the platform. The company has created a 90-day plan to help address these concerns. In a statement, Yuan said that the pandemic has created a huge influx of new users. “These new, mostly consumer cases, have helped us uncover unforeseen issues with our platform… we take them extremely seriously. We are looking into each and every one of them and addressing them as expeditiously as we can.”
