FBIが、COVID-19で在宅勤務や在宅学習が増えることによるZoomを使ったサイバー犯罪についての注意喚起をしていますね。。。

こんにちは、丸山満彦です。

FBIが、COVID-19で在宅勤務や在宅学習が増えることによるZoomを使ったサイバー犯罪（例えば乗っ取り）についての注意喚起をしていますね。。。

● FBI - News

・2020.03.30 FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic

事例については次のような感じですね。

-----

• In late March 2020, a Massachusetts-based high school reported that while a teacher was conducting an online class using the teleconferencing software Zoom, an unidentified individual(s) dialed into the classroom. This individual yelled a profanity and then shouted the teacher’s home address in the middle of instruction.
• A second Massachusetts-based school reported a Zoom meeting being accessed by an unidentified individual. In this incident, the individual was visible on the video camera and displayed swastika tattoos

-----

対策については次のような感じですね。。。

-----

• Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
• Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
• Manage screensharing options. In Zoom, change screensharing to “Host Only.”
• Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
• Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.

-----

【参考】

● Hackers News

・2020.03.30 COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware