How To Protect Your Data on Zoom

Posted by: Tamara Dutina April 02, 2020

Category: Other

From webinars, online yoga classes to online schooling and client meetings – web communication platforms and their usage flared up in the past few weeks, due to obvious, COVID-19 induced reasons. Unfortunately, so did the security issues led by various cyber-attacks, directed especially towards the most used platforms, such as Zoom.

During the previous month, the number of daily meetings on the platform sported from 10 million in December to as much as 200 million in March! And, as mentioned, such an increase didn’t come unaccompanied. It was followed by a massive increase in new domain registrations with names including “Zoom”. According to research by Check Point, more than 1700 new domains were registered out of which 4% was detected as suspicious.

zoom security advices
Source: Check Point

How is the data compromised?

Several security researchers found out that there is a vulnerability in the chat interface of the full desktop client called UNC path injection. UNC paths are references to shared files or resources. They are in the form of \\host\path\to\file. Zoom’s chat interface automatically converts such UNC paths to downloadable URLs. If the attackers control the host on which the shared file resides, they can steal the victim’s Windows credentials and use them to access all shared resources that the victim is authorized to access. All the attackers need is for the victim to click on the URL which points to a UNC path to a shared file on the attacker-controlled server. The file itself does not need to be malicious, and the theft of credentials is done when the victim’s computer tries to access the shared file. Windows machine will, if not configured differently, automatically try to authenticate itself to a remote host by presenting the victim’s username and hashed password. If the password is relatively weak, the attacker can easily uncover it using password cracking software like Hashcat or John the Ripper.

The same flaw can be used to remotely execute arbitrary command or executable on the victim’s computer thus providing the attacker with the ability to gain full control of the machine.
Another flaw in meeting authentication can enable attackers to enter chat rooms and calls and spam other participants.

Furthermore, it was reported that, contrary to Zoom’s claims, Zoom software does not employ end-to-end encryption. This flaw enables those who can sniff the traffic between participants to obtain exchanged messages which can contain sensitive information.

Safety advices to improve your data security

First of all, you should consider using some other video conferencing software like Skype, Microsoft Teams, Google Hangouts, Google Duo or Signal. If you have decided to stick with Zoom, you should follow these safety recommendations:

The matter of fact is that Zoom is not the only target of malicious attacks and that the users will continue to trust their communication to web platforms. So, if you have concerns about your data safety or need expert advice, reach out to our team for a free consultation.

Get in touch

Cloud expert consultation is free. Book today.

Start

Keep reading

Leveraging AWS Infrastructure as Code to Build Scalable Infrastructure for SMBs

14.06.2021

SMBs (small to medium-sized businesses) and the AWS Infrastructure as Code approach are also a match made in heaven. Learn why >>

read more

Interview with Simon Best, CEO of BaseKit

03.06.2021

Solutions like BaseKit enabled many small and local businesses to survive the Covid crisis with opening the online sphere. Read the interview with their CEO Simon Best.

read more

Why is Google Cloud a good choice for SMBs?

18.05.2021

Recently, we‘ve seen a surge in demand for our managed Google Cloud services, coming from small companies. Take a closer look at why Google Cloud is a good match for SMBs.

read more