
Defending yourself against Zoombombers

Tuesday, February 09, 2021 @ 8:10 AM | By Jana Schilder


Videoconferencing and collaboration software such as Zoom, Microsoft Teams, GoToMeeting, JoinMe and others has probably been the single biggest factor in allowing work (mainly white-collar work) to keep going during the COVID-19 pandemic.

Many law firms made the transition to working virtually early and seamlessly. So far, so good.

But our bliss was short-lived! A new word entered our lexicon: Zoombombing. This happens when hackers, or “hacktivists,” join your Zoom meeting uninvited and bombard the meeting’s attendees with foul language, pornographic images/video, racial slurs and other offensive content.

The goal of Zoombombers is simple. They want to interrupt your meeting, to make people upset, to derail your thinking and to embarrass your law firm or organization (and by extension, its clients). Your law firm’s reputation is on the line.

As any cybersecurity expert will tell you, nothing is “unhackable.” It is the price we all pay for connectivity via the Internet. There is no such thing as 100 per cent cybersecurity; there are only best-practice precautions, hedged bets, strong passwords, keeping software up to date and installing all software patches issued by manufacturers.

While Zoom scrambled to issue software patches for known security issues, Zoombombing continues.

Zoombombing is an intrusion, an unauthorized entry and as such, is criminal. But these intruders are not breaking into your boardroom or an annual general meeting. Now, they can do it virtually, in their frumpy bathrobe and fuzzy slippers.

Zoombombing is also cyberterrorism. Problem is, it takes enormous resources to catch, prove and prosecute cyberterrorists. For Zoombombers, this is the best part: impunity is a big attraction.

1. Law firms should not feel immune from Zoombombing. Since the pandemic began, Zoombombers have targeted Alcoholics Anonymous meetings, prayer groups, synagogues, children’s book readings, dissertation defences and classrooms. Other popular targets include gatherings and webinars that focus on diversity issues and historically targeted groups, such as Jews and African-Americans.

There are plenty of law firms that work with non-profits as well as activist groups.

Even after Zoom password-protected its calls by default, the Zoombombing continued. Recently, a team of researchers discovered that, especially in colleges and universities, the culprit is someone on the inside. Hot tip: cybersecurity experts will also tell you that many employee investigations, including those at law firms, result in the finding of an “inside job” or “disgruntled employee.”

The greater danger for law firms, however, is malware, ransomware and phishing, like when both Bay Street law firms working on BHP Billiton Ltd.'s ultimately unsuccessful $38-billion bid for Potash Corp. in 2010 were hacked, allegedly by Chinese state actors, as reported by The Globe and Mail.

2. Prepare now. It is hard, if not impossible, to plan in a crisis. By definition, a crisis is when you’re under attack, variables are unknown, and important stakeholders are involved, including law firm clients.

Prepare the plan now, not after your law firm has been Zoombombed. That’s like putting in a home security system after your home has been burglarized. A dollar short and a day late.

Part of your crisis plan should involve communication. Frequently, Zoombombers conduct these intrusions expressly for the bragging rights. So, you need to be ready with an official statement and a designated spokesperson.

3. Read Zoom’s own guidelines for How to keep uninvited guests out of your Zoom event. If you are hosting or co-hosting the meeting, you need to know this information.

Much of the control has to do with managing the participants, just like controlling who gets invited to the party. You need to weed out the party crashers.

You can remove unwanted participants, mute participants, disable their video and turn off various other features. You need to know where these buttons are located on the Zoom dashboard. Looking for them when you’re frazzled with dozens, or hundreds, of attendees is leaving it to chance.

Here is Zoom’s video on “In-meeting security options.”

Most of the settings can be controlled from Account, Group and User settings prior to the meeting. If applied at the Account, Group or User level, these settings will be applied in meetings by default. The security icon combines them all in one place for easy access during the meeting.

If the options are enabled/disabled and locked by an account admin, they will not be modifiable in-meeting by the host or co-host.

Zoom also cautions against promoting meetings on social media, as many activist groups do. This is advertising private activities to the wrong crowd: trolls.

4. Maintain presence of mind. Easy to say, easy to write, hard to do when you’re in the moment. The meeting’s host, or co-hosts, can make choices: they can record the Zoombombing incident, or end the meeting for all participants.

Having presence of mind will enable you to hit the “Record” button, save “Chats” and capture screenshots.

Depending on the severity of the Zoombombing incident, a recording of it will help police investigate the incident. But don’t hold your breath that the culprits will be found — or brought to justice. Cybersecurity investigations are a very long and winding road.  

5. Don’t underestimate the psychological impact of Zoombombing. Meeting attendees will be upset, some more than others. Criminal lawyers, who deal with the consequences of people’s bad behaviour for a living, have an edge here — maybe.

Follow up with each participant to see how they are doing after the Zoombombing. It may be wise to call in trauma counsellors to help people deal with their feelings.

Jana Schilder is co-founder of The Legal A Team, a marketing, public relations and social media agency for lawyers and law firms. She also wrote the book on public relations for lawyers, available at Lexis Practice Advisor (LPA). Reach her at jana@janaschilder.com, or 416-831-9154.

