A new detailed research report released from IntSights, a threat intelligence firm, reveals the cyber threat impact of COVID-19 to global business. It seems that a list of Zoom user credentials was found on the dark web. According to the report, both personal and corporate Zoom account information was shared on the dark web from a wide variety of industries, including banks, consultants, healthcare, software, and educational facilities. The credentials listed for some included an email and password, while others revealed meeting IDs, names, and host keys.
How Credentials Get Compromised
- Many Zoom users ignore basic security measures: Failure to secure Zoom meetings with a password or PIN and publicly sharing a meeting ID via screenshots on social media.
- Credential stuffing: A brute-force attack on a website or application where hackers test usernames and passwords repeatedly to try and gain access to take over an account.
- Zoom specific web hacking tools: One open-source web hacking tool listed on the dark web forums was "OpenBullet." This tool streamlines the process of credential stuffing by harvesting additional data through scraping and parsing an account, automate penetration testing, etc. OpenBullet then provides the tools needed to organize all the ill-gotten results.
Course of Action
As we all rush to use new technologies that enable work from home, school from home, even socialize from home, you need to be aware of the tools you are using and their fit for the task at hand. Zoom has made great strides to enable internet meetings, but in doing so, has prioritized ease of use over security. Using this platform makes it difficult to achieve privacy and confidentially since certain controls would need to be implemented.
Alternative solutions like Microsoft Teams or Cisco WebEx keep security at the forefront, and Systems Engineering has the experience and skills necessary to secure these platforms to meet your organization's specific requirements. At this time, we strongly recommend you do not use Zoom for meetings where confidential and sensitive matters will be discussed.
For more information on secure collaboration tools, reach out to Systems Engineering at info@systemsengineering.com, or 888.624.6737. Customers, please reach out to your Account Manager.
Stay current on the news and events to keep your remote workforce productive and secure by visiting our COVID-19 Resource Portal.
