How to block ‘Zoom bombing’ in higher ed

Racist and pornographic images hint at an organized hacking campaign

Online college classes are suddenly being invaded by “Zoom bombing,” an ugly new activity in which hackers disrupt virtual meetings to display pornography, racism and other disturbing images.

Last week, three University of Missouri Zoom sessions were hacked by individuals “using hateful, discriminatory and reprehensible language,” UM System President Mun Choi reported to the campus community, according to The Kansas City Star.

A film course at Santa Barbara Community College was disrupted when hackers took over the instructor’s screen to display pornography and images of the 9/11 attacks, Noozwhawk reported. 

And the FBI issued a warning about Zoom bombers after K-12 schools were hacked last week, CBS Boston reported.

More from UBColleges shift to pass/fail to smooth students’ transition to distance learning

The pornographic, racist and threatening actions taken by Zoom-bombers appear to be an “organized effort” among right-wing hate groups and similar dangerous actors, Leah Plunkett, a faculty associate at the Berkman Klein Center for Internet & Society at Harvard University, told University Business. 

At least two state attorneys general are now investigating Zoom’s privacy practices to understand fully how the break-ins are occurring while some K-12 schools and other institutions are banning Zoom to safeguard students, Plunkett says.

To block the attacks, instructors should:

  • Set a password for every Zoom session.
  • Use meeting settings to prohibit screen-sharing by anyone other than the instructor hosting the meeting.
  • Turn off video for participants upon entry.
  • Lock the meeting right after it starts to ensure that only authorized participants are in and remain in.

More from UB48 free higher ed resources during coronavirus pandemic

More defenses against zoom bombing

After the Zoom bombing in Massachusetts, the FBI Boston office released some tips for shutting out hackers. It recommended:

  • Do not make meetings public by requiring a password or using the waiting room feature to control the admittance of guests.
  • Do not share a link to a teleconference or classroom on publicly available social media post. Provide the link directly to invited participants.
  • Ensure users are using the updated version of remote access/meeting applications.

Santa Barbara Community College also issued an extensive set of guidelines for how to prevent Zoom meetings being Zoom-bombed by trolls. The list covers how to best configure and schedule meetings, manage sessions and regain control during a Zoom bombing.

UB’s coronavirus page offers complete coverage of the impacts on higher ed.

Matt Zalaznick
Matt Zalaznick
Matt Zalaznick is a life-long journalist. Prior to writing for District Administration he worked in daily news all over the country, from the NYC suburbs to the Rocky Mountains, Silicon Valley and the U.S. Virgin Islands. He's also in a band.

Most Popular