Thursday, April 9, 2020

Zoombombing As PSYOP



We’re all confined to quarters thanks to Covid-19. As a result, we have turned to video collaboration platforms such as Cisco WebEx, Adobe Connect, Citrix GoToMeeting, Microsoft Teams, Google Hangouts and, of course, Zoom.
On March 20, 2020, the New York Times ran an article, ‘Zoombombing’: When Video Conferences Go Wrong (see: https://nyti.ms/2XoqJM3, which is also a photo source).
They reported, among other things, that “On Friday, the journalists Kara Swisher (a contributing writer for the Opinion section of The New York Times) and Jessica Lessin hosted a Zoom event focused on the challenges women tech founders face. They were forced to abruptly end the event after just 15 minutes of conversation because a participant began broadcasting the shock video “2 Girls 1 Cup.”

“Our video call was just attacked by someone who kept sharing pornography + switching between different user accounts so we could not block them,” Ms. Lessin tweeted, adding that she and Ms. Swisher would reschedule an audio-only version of the event.”

Unscrupulous influencers are also moving to online platforms as a way to attack their targets. One such Zoombombing was against Portland State University. The Portland State (Oregon) student-run newspaper, the Vanguard, was hacked by neo-Nazis (see: https://bit.ly/2K5Kq3z, which is also a photo source). According to the Vanguard, “The hackers interrupted speakers with racist invective and ties to Nazism.”

According to the Utah-based Deseret News (a subsidiary of the Deseret Management Corporation, which is owned by The Church of Jesus Christ of Latter-day Saints), “It’s happened for virtual Alcoholics Anonymous meetings in New York. It’s happened in Boston. It’s happened in workplaces and schools in California and Texas. It’s happening everywhere.” (see: https://bit.ly/3c9Xlxl, which is a photo source and responsible for the hotlinks in the quotes). The article continued that “Trolls have entered into Zoom meetings to drop “disturbing imagery,” like pornographic material and “horrifying sexual videos,” TechCrunch reported.”

From the variety of targets, it should be obvious to PSYOPers that these PSYACTs are having an effect. People are stuck in their homes due to shelter-in-place orders and are something of a captive audience.

Meanwhile Zoom is scrambling to keep up with the burgeoning demand for their product and to upgrade their product’s security.

At the moment, Zoombombing is easy to do. In some respects it’s like phishing in the ‘old days’, meaning it is designed to troll for unspecified victims. Many organizations, especially non-profits, schools and others new to video conferencing, employ unprotected links which can be unearthed in a variety of simple ways.
As these links are secured, it is reasonable to assume that Zoombombers will start to employ spear-phishing-like techniques, meaning that they will attack specific, high-value targets.

OPSEC folks and Counterintelligence specialists need to be vigilant as to Zoombombing efforts and coordinate with their respective PSYOP support elements to help facilitate the counter propaganda analysis and perhaps even offensive cyber influence campaigns employing this new influence vehicle.

If you are interested in how to protect yourself, here’s an article from techrepublic.com that offers 5 simple tips on preventing Zoombombing.

1 comment:

Lawrence Dietz said...

Here's a follow-up article: https://nakedsecurity.sophos.com/2020/04/15/zoom-passwords-for-sale-on-the-dark-web-ten-a-penny-by-all-accounts/?utm_source=Naked+Security+-+Sophos+List&utm_campaign=077e5720c1-Naked+Security+-+Nov+2019+-+ad+A+%28G1%29&utm_medium=email&utm_term=0_31623bb782-077e5720c1-454939865