China allegedly 'hijacking' online video conferences with Zoom, US-Canada react strongly

 

In view of worldwide lockdown due to the coronavirus outbreak, schools and institutions across the world have been shut down thus leading to the initiation of online discussions through video conferencing. However, the Federal Bureau of Investigation (FBI) has recently issued a public warning against the "hijacking" of online video conferences. Many users of the application across the countries have been complaining about unwanted participants joining calls to troll other members as well as share unwanted imagery.

 

 

A report by The Washington Post states that the New York City Dept. of Education has urged schools, a system with more than 1.1 million students to not use Zoom and switch to reliable apps such as Microsoft Teams or Google hangouts instead, since many online classes attended by students across America were recently breached, causing untoward issues of racism and other forms of online abuses.

 

 

Researchers have claimed that these hacking incidents could be succeeded by more dangerous attacks which will leave PCs and sensitive corporate data vulnerable. The service, once mostly used for client conferences and training webinars, has risen in the coronavirus lockdown as a home for virtual cocktail hours, exercise classes, cabinet meetings and remote classroom learning. But during the 20-fold surge to 200 million daily members since the end of last year, the service has been hit by trolls interjecting porn or hijacking meetings and drawing regulators’ scrutiny about privacy.

 

 

China-owned application Zoom has succeeded in getting an early share of the suddenly increasing demand for online video conferencing by offering a free service that allowed for live video conferencing with up to 50 participants as well as screen sharing. However, as its myriad privacy issues started coming to light, it appeared that Zoom did not just have one or two, but an ever-increasing number of security issues.

 

 

 

 

 

Security experts found publicly highlighted problems with Zoom’s technology could leave user data vulnerable to outsiders’ exploitation. “Zoom bombing”, where unauthorized people get access to a meeting and share hate-speech or objectionable images started trending on social media.

 

 

This led to Zoom attempting to justify the reason behind its security concerns and go on overdrive mode to attempt to get the situation under control.

 

 

 

 

 

Responding to the accusations, Chinese officials through an English Daily of China, Global Times have stated that using so-called safety issues as an accusation against China has been an irresponsible fashion talk by some foreign organisation, which is not based on ration but bias. It also said that the industry insiders have responded to the accusation by the University of Toronto’s Citizen Lab in which they alleged the global technology company Zoom may be legally obligated to disclose encryption keys to Chinese Government.

 

 

"Although Zoom is not a Chinese company, its owner is a Chinese, and as long as it is related to Chinese people, it will have the pressure”, said Sun Yuzhong, a researcher at the Institute of Computing Technology under Chinese Academy of Sciences.

 

 

 

 

A report by the Citizen Lab of the Toronto University suggested that Zoom's primarily catering to North American clients that sometimes distributes encryption keys through servers in China is potentially concerning, given that the company may be legally obligated to disclose these keys to authorities in China.

 

 

The report claimed that a scan shows a total of five servers in China and 68 in the US that run the same Zoom server software as the Beijing server, and the lab suspects that keys may be distributed through these servers.

 

 

Meanwhile, the CEO of Zoom, Eric Yuan embarked an apology tour to reassure users that he is working to improve security and privacy on the video conferencing app that has emerged as the virtual town square of the COVID-19 epidemic. He told a leading channel that “We are still in the process of working with New York schools to make sure we do enforce security safety. Yuan said that the company is working to protect privacy, including adding end-to-end encryption that is still months away and for now, he’s trying to keep customers on board.

 

 

Many of the problems stem from the fact that the app was geared toward enterprise clients with their own IT security teams, instead of the broad consumer app it’s become, he clarified. “I really messed up as CEO, and we need to win their trust back,” Yuan told the Wall Street Journal. “This kind of thing shouldn’t have happened.”

 

 

 

 

 

 

Video conferencing application that shot to fame since a lockdown at an almost global level took effect across various countries. The sooner it raised to new heights the quicker the app was subjected to scrutiny. Users and cyber-security researchers have been complaining about the app being insecure. Zoom has finally responded to the flaws in security by introducing two new features.

Zoom has declared that it will enable two new security features which will include ‘Waiting Room’ and two meeting password settings in order to make conference calls more private for users.

Going forward, it remains to be seen how schools and ministry in India react to the situation. While Indian organisations have not reacted very evidently to the surfacing online privacy and data security concerns related to Zoom, it remains to be seen what actions will possibly be taken on the issue as instances of zoom bombing, coupled with a wide range of other security problems, have continued to rise for the service, as a result of which schools in USA are now being advised against using the service.