Saturday, 30 May 2020

Meteoric rise of Zoom throws privacy and security issues into the limelight

by Harry Baldock, Total Telecom
Thursday 02 April 20

As the video calling software is being used for everything from business meetings to virtual drinking sessions, cybercriminals have been quick to turn up the heat

With work from home at an all time high, video calls have been working hard to plug the communication gap around the world, both professionally and socially. Zoom is perhaps the most prolific of these services, recently passing the 200 million daily users mark.   This is all the more impressive when you consider that the platform had just 10 million daily users back in December last year…

With work from home at an all time high, video calls have been working hard to plug the communication gap around the world, both professionally and socially. Zoom is perhaps the most prolific of these services, recently passing the 200 million daily users mark.
 
This is all the more impressive when you consider that the platform had just 10 million daily users back in December last year.
 
On Tuesday, UK PM Boris Johnson even shared a screenshot of a Cabinet meeting taking place over the now ubiquitous platform.
 
However, this is not without its problems, as Zoom now faces an onslaught from security and legal specialists who claim that the platforms default settings are not secure enough.
 
The issues have been partially exposed by the growth of a new phenomenon dubbed ‘Zoombombing’, whereby unwanted pranksters join a private meeting simply by accessing its unique, shareable ID number – in the aforementioned Tweet from the PM, the meeting’s ID number can be clearly seen to be 539-544-323, though thankfully this meeting was password protected. While this ‘Zoombombing’ could be construed harmless fun, it does represent a significant security and privacy threat, and this is sadly the tip of the iceberg.
 
Zoom has recently had to remove code in its iOS app that sent device data to Facebook, as well as rewrite parts of their security policy after it came to light that users data was being used to produce targetted ads. In addition, Zoom has claimed its service was supported by end-to-end encryption, though it noticeably backtracked yesterday, admitting that “it is not possible to enable E2E [end-to-end] encryption for Zoom video meetings”.
 
All in all, Zoom’s platform seems insecure at best and perhaps complicit in selling user data at worst. Perhaps the lesson we should really take from this situation is acknowledging a key trend in the rapid uptake of new technology – people value simplicity over security. If a service is free, easy to access, and easy to use, customers will forego many of their security concerns, to the delight of hackers.
 
Hopefully this will provide a poignant lesson for operators when it comes to 5G and especially the IoT. With an entire ecosystem of connected devices on the horizon, security must be of paramount concern, especially since the lack of it will not dissuade the public until the damage is irreversible.
 
 
Also in the news:

Since you're here...

...the Telecoms industry is characterised by constant change and evolution. That's why it's crucial for telecoms professionals to keep up-to-date with what is happening. Join 35,000+ of your peers and sign up to our free newsletter service today, to be in the know about what is going on. PLUS, as a member you can submit your own press releases!

See all membership options

Please enable JavaScript to view the comments powered by Disqus.

Newsletter signup

Quickly get on board and up to date with the telecoms industry