We have all had to change our way of working since COVID-19. Not surprisingly, cybercriminals have kept up to date and are attempting to take advantage of our reliance on video conferencing systems.
For context, in December 2019 Zoom reported that it had 100 million regular users. By the end of March 2020, its user base had reached over 200 million. Of course, organisations also use plenty of other platforms, all of which have seen an increase in users and all of which are exposed to the same threats.
The types of attacks being reported are:
- Phishing attacks: these involved phishers emailing out fake Zoom (or other platform) video-conferencing meeting notifications that drove traffic to fake registration pages designed to steal usernames and passwords. The phishers then attempt to access other systems and services with the stolen credentials.
- Other phishing attacks encouraged users to download the Zoom client. The download was of course not the Zoom client but malware.
Relevance to your organisation:
- Video conference technology usage has increased significantly. You may have non-technical users who are new to this type of technology and unaware of the potential risks involved.
- If login details are successfully harvested, those credentials may then be used across other systems and services.
- An assessment of the threat and its impacts may not have been completed, in which case it is not part of your current risk register. It’s important to assess whether these threats introduce new adversaries.
What you can do about it:
- Education, training and awareness are a great first line of defence
- Password policies that ensure passwords are updated regularly and each one is used for only one system
- Ensure that you have the latest versions of anti-malware and anti-virus protection installed on all endpoints
- Carry out a risk assessment based on increased usage of video conferencing technology
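
To support the awareness and endpoint controls above, the following added example (not part of the original article) shows how a mail filter or triage script could flag links in a meeting notification that use the platform's name on a domain the vendor does not own. The trusted-domain list, function names and sample message are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the domains your organisation accepts as the genuine platform.
TRUSTED = {"zoom.us", "zoom.com"}
BRAND = "zoom"
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def is_trusted(host):
    """True only for a trusted domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def classify(url):
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.username is not None:
        return "suspicious"  # "user@" prefix hides the real host
    if is_trusted(host):
        return "trusted"
    if host.startswith("xn--") or ".xn--" in host:
        return "suspicious"  # punycode label: possible lookalike characters
    if BRAND in host:
        return "suspicious"  # brand name on a domain the vendor does not own
    return "unknown"

def scan_message(body):
    """Return {url: verdict} for every link found in an email body."""
    return {url: classify(url) for url in URL_RE.findall(body)}

# Constructed sample invitation; the meeting ID and non-vendor hosts are made up.
SAMPLE = """Your meeting has been scheduled.
Join: https://us02web.zoom.us/j/1234567890
Register first: https://zoom.us.meeting-join.example/register
Sign in: https://zoom.us@login.example.net/signin
Unsubscribe: https://example.org/newsletter
"""

if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE).items():
        print(f"{verdict:10} {url}")
```

Links marked "unknown" are not cleared; they simply carry no platform branding and should go through your normal URL reputation checks.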