Not so long ago, Skype and Google HangOut reigned supreme in the video conferencing world. Not very much used and fairly niche, these services all had their share of accessibility and rendering quality problems, which limited their potential to become truly mainstream.
2 years ago, Zoom was a very small player. Little known and without much of a customer base. Although with its audio and video quality and ease of access, it had everything to succeed! And yet…
It was only on the eve of the pandemic that the small app became big. Maybe everything happened a little too fast.
The change from neglected with 10 million subscribers in December 2019 to over 300 million today has made Zoom a new prime target for hackers around the world looking to add to their hunting board.
This is how its security flaws, which did not interest anyone in the past, have become major issues for everyone, as well as for multinationals and governments around the world.
Examples of flaws
In April 2020, an investigation by the FTC, the American equivalent of our consumer protection agency, revealed that Zoom lied about its ability to offer global encryption for its conferences. In other words, the information circulates between the participating users without adequate and total encryption of the data.
During the same investigation, other lies of the company were revealed in broad daylight, such as the fact they circumvented certain security parameters set up on Mac to allow the automated installation of the software without the user having to do any action whatsoever.
During the April 2021 edition of the Pwn2Own event, a hacking contest, 2 participants discovered a flaw allowing them to break into the computer of a person with the Zoom account active on their computer. They were able to control the microphone and the camera, enter browsing history and even grab personal files! The nice hackers (nicknamed White Hat) received a $200,000 prize from Zoom for uncovering this problem.
In August 2021, Zoom agreed to pay $85 million in compensation in a class-action lawsuit filed against the company. The lawsuit alleges that the company hasn’t done enough to protect users and their data.
And we could go on and on with other examples…
But today, everything is good, right?
Unfortunately, we cannot guarantee that all of Zoom cybersecurity issues are resolved.
As mentioned above, the popularity of Zoom makes it a very attractive target for hackers. It is therefore normal that its security is put to the test, and this, constantly.
For example, Google, the Red Cross and the government of France advise against using Zoom.
If it’s possible for you, do it.
If not, here’s how to protect yourself as much as possible:
- Use the web version of Zoom. The extra layer of protection offered by your browser is definitely welcomed!
- Increase the protection of your account by implementing two-factor authentication. Don’t be your Zoom’s biggest flaw.
- Ask the participants of your conferences to connect using a password on your session.
We wish you good, useful, efficient, and above all safe videoconferences!