Message from Julie Cribb, Local Groups Officer:
I am currently confined to home, as everyone else is and using videoconferencing a lot more than I usually do, both for work and to try and keep my social activities going.
In this morning's regular departmental meeting (for those of you who don't know I work in a university IT department) we heard of 2 very distressing instances of where staff had been attending external Zoom meetings (we do not use these for our own meetings because of known security issues) which had been hacked and where pornographic images and videos were shown. By the time the moderators of the meetings were aware of what was happening some staff were understandably very distressed. One meeting was a training session for 300 children!
I know that a number of groups are trying to keep their social interactions and meetings going by using various videoconferencing platforms, including Zoom and I thought I would respond to this threat very quickly by giving you a couple of pointers on how to use the systems safely and avoid something as upsetting as this happening to you. I have also included an extract from the Scottish Government's Cyber Resilience Newsletter which put out a notice following the Scottish Swimming incident.
1. Always set up any videoconference meeting by inviting named individuals. For LDWA meetings use the bulk email facility within the system. Ask them not to forward the invitation in an email but to let the host know if anyone else should be invited.
2. Do NOT advertise the url of the meeting in an email or especially on social media (e.g. the Group Facebook page or Twitter)
3. Ensure the virus protection software on any laptop or other device you are using is up to date.
I am not an IT expert and these steps to protect yourself and others are not technical. In this day and age when unscrupulous people have too much time on their hands it is an unfortunate by-product and a definite misuse of otherwise useful IT skills. Please take care by using technology with care and common sense during this difficult time.
In the meantime I hope you are all safe and well and making the most of the exercise time we do have and the glorious weather that has covered most of the country.
Kind regards
Julie Cribb
LDWA NEC Local Groups' Officer
______________________________
EXTRACT FROM SCOTTISH GOVERNMENT'S CYBER RESILIENCE TEAM
‘ZOOM Bombings’
There have been cases globally of video conferencing broadcasts and meetings being hijacked by malicious users including a recent incident where obscene content was broadcast during an online swimming workout aimed at children in Scotland. This event, along with other events that are open by design are vulnerable to being hijacked as anyone can join them.
There are steps which can be taken to minimise the risk of intrusion which include using a unique meeting ID for each meeting and enabling a ‘waiting room’ feature so meeting hosts can add guests manually. Using Zoom securely is one of the topics covered in the webinar mentioned above and in a recent blog by Alison Stone at SCVO.
Each platform has security features and it’s recommended that you take the time to familiarise yourself with configuring security settings to meet the needs of your organisation.
Zoom Security Skype Security Microsoft Teams Security Cisco Webex
There are numerous platforms out there, the list above is far from exhaustive and we recommend that you research and select a platform that meets your needs and has appropriate security functions.