The Department of Justice (DoJ) has warned that Zoombombers could receive a prison sentence if found and convicted, as the COVID-19 pandemic forces meetings online.
The number of daily meeting participants on Zoom has risen from 10 million in December last year to a staggering 200 million by March, the firm revealed last week. However, users who fail to pay attention to their privacy settings may find their meetings disrupted by uninvited guests.
Reports have emerged of meetings interrupted by live-streams of adult content, and threatening language.
“You think Zoombombing is funny? Let’s see how funny it is after you get arrested,” warned Matthew Schneider, US attorney for Eastern Michigan. “If you interfere with a teleconference or public meeting in Michigan, you could have federal, state or local law enforcement knocking at your door.”
The charges, punishable by fines or even imprisonment, could include disrupting a public meeting, computer intrusion, using a computer to commit a crime, hate crimes, fraud, or transmitting threatening communications.
The DoJ reiterated best practice advice for video conferencing users including the following: change screen-sharing to “host only,” don’t share meeting ID on social media, keep software on the latest version, update corporate home working policies and don’t make meetings public.
Zoom has also been trying to educate users on how to keep the Zoombombers out. It now generates a password automatically for all new meetings, and the use of personal meeting ID for new meetings is switched off by default, meaning a one-time code will be issued.
Users are also encouraged to enable: “waiting room” which means attendees can’t join unless a host selects them individually from a list and a feature which allows the host to put any attendee on hold.
However, the firm was criticized last week after researchers easily found user meeting recordings stored online without a password. They blamed the Zoom default naming convention for files.