Login
For millions of people, itβs not a workday without it β video conferencing. And plenty of business gets done that way, which has made conferencing a target for hackers. That then begsΒ theΒ important question, how secure is video conferencing?
The answer is pretty secure if youβre using a reputable service. Yet you can take further steps to keep hackers and party crashers out of your meetings.
Hackers and party crashers are likely motivated by one of two things: financial gain or mischief.
Given that some meetings involve confidential or sensitive info, someone might have financial motivation to join in, spyΒ on,Β or record the meeting. Recently, we saw the lengths at least one AI company went toΒ when it spied on a competitorβs video conference call.[i]
And of course, some bad actors want to cause a disruption. As we saw in recent years, theyβll barge right into a meeting and create a ruckus with rude speech and other antics.
Falling somewhere in between, some hackers might try to intrude on a meeting andΒ slip a malware-laden attachment into chat.[ii] For one, that can lead to a major disruption. And in a business context, financial disruption as well.
How do they pull it off? The typical avenues of attack apply. They might use stolen or hijacked accounts. The meeting was inadvertently set to βpublic,β allowing anyone with a link to join. Otherwise, they might compromise a victimβs device to piggyback their way in.
Use a service with end-to-end encryption.Β
PutΒ simply, end-to-end encryption providesΒ a solidΒ defense against prying eyes. With it in place, this form of encryption makes it particularly difficult for hackers to tap into the call and the data shared within it.Β SecureΒ video conferencing should use 256-bit AES GCM encryption for audio and video, and for sharing of screens, whiteboard apps, and the like. On a related note, read the serviceβs privacy policy and ensure that its privacy, security, and data measures fit your needs.
Make your meetings private and protect them with a password.Β
Keep the uninvited out. First, setting your meeting to private (invitees only) will help keep things secure. Some apps also provide a notification to the meeting organizer when an invite gets forwarded. Use that feature if itβs available. Also, a password provides another hurdle for a hacker or bad actor to clear. Use a fresh one for each meeting.
Use the waiting room.Β
Many services put attendees into a waiting room before they enter the meeting proper. Use this feature to control who comes in and out.
Block users from taking control of the screen.Β
Welcome or unwelcome, you can keep guests from taking over the screen. Select the option to block everyone except the host (you) from screen sharing.
Turn on automatic updates on your conferencing app.Β
By turning on automatic updates, youβll get the latest security patchesβ―and enhancementsβ―for your video conferencing tool as soon as they become available.
Get wise to phishing scams.Β
Some interlopers make it into meetings by impersonating others. Just as bad actors use phishing emails and texts to steal personal financial info, theyβll use them to steal company credentials as well. OurΒ Phishing Scam Protection GuideΒ can show you how to steer clear of these attacks.
Use online protection software.Β
ComprehensiveΒ online protection software like oursΒ can make for safer calls in several ways. For one, it protects you against malware attacks, such as if a bad actor tries to slip a sketchy download into your meeting. Further, it includes a password manager that creates and stores strong, unique passwords securely. This can help increase the security of your video conferencing account.
This is a new one. AI deepfake technology continues to evolve, we find ourselves at the point where scammers can create AI imposters in real time.
Weβve seen them use this technology in romance scams, where scammers take on entirely new looks and voices on video calls. And weβve seen at least one group of scammers bilk a company out of $25 million with deepfaked executives on a call.[iii]
Strange as it might sound, this kind of deepfake technology is possible today. And realizing that fact is the first step toward prevention. Next, that calls for extra scrutiny.
Any time-sensitive info or sums of money are involved, get confirmation of the request. Place a phone call to the person after receiving the request to ensure itβs indeed legitimate. Better yet, meet the individual in person if possible. In all, contact them outside the email, message, or call that initially made the request to ensure youβre not dealing with an imposter.
With the right provider and right steps in place, video calls can be quite secure. Use a solution that offers end-to-end encryption, keep your app updated for the latest security measures, and lock down the appβs security settings. Also, recognize that AI has changed the way we look at just about everything online β including people on the other side of the screen. As weβve seen, AI imposters on calls now fall into the realm of possibility. A costly one at that.
[i] https://www.nytimes.com/2023/08/07/technology/ai-start-ups-competition.html
[ii] https://www.pcmag.com/news/hackers-circulate-malware-by-breaking-into-microsoft-teams-meetings
[iii] https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html
Β
The post How Secure is Video Conferencing? appeared first on McAfee Blog.
FreshRSS