Blog Banner

Avoid using risky platforms to make video calls

    The spread of COVID-19 has forced many companies and organizations to work remotely in an effort to keep business running . While this precaution is a good measure of employee health while maintaining productivity, it also opens up more opportunities for cyber-attackers to succeed.

    GLOBALEXPO encourages you to read the article: GLOBALEXPO: Online exhibitions, video calls, and conferences in one place , where we also do secure video and video conferencing. The GLOBALEXPO solution on http://meet.globalexpo.online on the secure Jitsi Meet platform gives you 100% confidence that no one can access your data, there is no need to register or install anything. If you are more interested in this issue, there is also an article , where we compared a number of video conferencing and video calling tools.


    GLOBALEXPO as part of the initiative #POMAHAME" href="http://www.pomahame.eu/"> #POMAHAME < / span> offers every company to present themselves in the online world at one of the online exhibitions or even the opportunity to conduct short online video chats and video conferences completely free of charge, securely with the possibility of password, without registration and without any restrictions. Exhibitor registration consists of simple steps that everyone can do. Invest 5 minutes of time in this registration and register for one of our online exhibitions here >:


    EXHIBITOR REGISTRATION





    • Unauthorized Access and Bombing
    • Vulnerability in conference software
    • Weaknesses and errors caused by the implementation and operation of conference software
    • DoS and DDoS attacks on ongoing video conferences


    Bombing and eavesdropping



    The US FBI has warned of attackers who have joined video conferences that have been used for online training or business meetings to disrupt them. While some conferences were interrupted only by humorous content, others contained pornographic or hateful content involving threats and verbal attacks. Such incidents were also recorded in American high schools, at an unknown attacker has joined the teleconferencing online training through the Zoom platform, disrupting the entire training.


    Modern video conferencing platforms often allow anonymous connections without a name, with the camera and microphone turned off, or Dial-in, or from the public telephone network. Such participants can eavesdrop on communication in larger video conferences.


    Vulnerability Abuse



    Vulnerability is not avoided even by video conferencing platforms, and software security policies, such as prompt installation of security patches, apply here as well. For example, the March and April updates to the popular Zoom video conferencing solution immediately address several serious vulnerabilities that could lead to abuse. opportunities for attackers. Vulnerabilities enabled:


    • listen to a video conference without the participants' knowledge due to poor end-to-end encryption implementation
    • filter passwords from the Windows environment towards the attacker
    • bypass operating system privileges when installing the application
    • install malicious code unauthorized

    Although vulnerability fixes have been released on the Zoom platform, the attacks persist as many users have not updated the application.


    < / div>

    Weaknesses and errors caused by the implementation and operation of conference software

    Loading each The technology that is to be accessible from the external environment to the organization also brings with it changes in the configuration and settings of the infrastructure. The most significant changes take place on the perimeter of the organization in firewalls and other security features. Administrators often allow exceptions to the rules that are detrimental to security. The opening of specific ports, as well as common protocols such as RDP (where we have seen an increase in open RDP protocols in recent weeks) and VNC, and their lack of security open the way for an attacker inside the organization. Weaknesses can also be caused by incorrect implementation of the video conferencing solution itself, installation of out-of-date versions or insufficient security of the server, which can lead not only to its compromise, but also to the intrusion of the attacker into other company infrastructure.


    < / div>
    Administrators also make things easier by opening IP address communication to all ports on which the video conferencing solution is located, so that they do not have to look for specific ports through which the solution communicates. Such a procedure is even directly required by some solutions. However, this leads to a high risk and should never happen during implementation - whether to open all ports or implement a solution that requires a large number of ports to be opened.


    DoS and DDoS attacks


    Another way to disrupt or completely prevent a video conference call is to attack the actual operation of the ongoing video conference call. An attacker could choose from a number of options to attack the victim's infrastructure directly or to attack the ISP's infrastructure on which the video conference call is taking place.





    Most applications that use video conferencing (e.g. Zoom, Webex, Skype) usually only provide cloud traffic, without the need for own the infrastructure to operate such a service. The cloud solution for video conferencing calls is a great attraction, as from the operational point of view it is a cheap solution, from the user's point of view, the advantage is speed and ease of use. However, the cloud mode of operation also has its significant disadvantages - the confidentiality of conversations can never be guaranteed, as the operation is provided by an external operator who can record and store individual calls. Attacks on cloud services are also nothing special - the more used the service, the more attractive the target for attackers.


    Videoconferencing Security Recommendations

    Video conferencing systems make work easier and can be a good tool for keeping work efficient. However, unsecured video conferencing on risky platforms carries a high security risk. Therefore, the National Cyber ​​Security Center SK-CERT recommends:


    • Use well-known software with good reputation and adequate security features, such as network communication encryption, two-factor authentication when signing in, and so on for video conferencing
    • Especially for government, we don't recommend using Zoom. We recommend using other, safer alternatives
    • Use only updated software and do not delay installation if security updates are released
    • Protect every video conference call with a comprehensive, hard-to-guess password. Do not use the same password in multiple video conferencing calls
    • Verify each video conference participant, preferably by checking and managing video conference environment entries ("waiting room" feature)
    • Make video conferencing private, not public
    • Do not share the videoconference link publicly via social networks or the like, only share the link with specific people who should be in the videoconference
    • If you want to communicate sensitive data with teleconferences, do so so that you are part of the information and part said during the call and sent the other part in a message via another application
    • If you have any suspicions of compromising video conferencing, or if your device is behaving strangely, notify your employer and the person responsible for cybersecurity in your organization immediately. />

    Due to the fact that not all companies have established work from home, they do not even have developed security guidelines and regulations on how to approach the home office from a security point of view.