Singapore stops Zoom for online education as hackers strike
Singapore has suspended the use of Zoom for online education after hackers hijacked a lesson and showed obscene images to students.
In what is known as “Zoom-bombing,” two hackers interrupted a geography lesson a day after Singapore closed schools on Wednesday as part of partial lockdown measures to curb local transmissions of COVID-19.
Lessons have moved online, with some teachers using video conferencing tools like Zoom.
Singapore’s Ministry of Education said it was investigating the “serious incidents” and may file police reports.
“We are already working with Zoom to enhance its security settings and make these security measures clear and easy to follow,” said Aaron Loh, director of the ministry’s Educational Technology Division.
Researchers found a security flaw in Zoom’s “Waiting Room” feature that could have allowed users to access a video meeting even if they were not approved to join a call. Zoom said Wednesday it had fixed the issue.
“As a precautionary measure, our teachers will suspend their use of Zoom until these security issues are ironed out.”
Singapore is not the only country affected by the teleconferencing disruptions. The FBI issued a warning on March 30 advising users to avoid making Zoom meetings public after it received multiple reports of teleconferences and online classrooms being hijacked, with hackers displaying hate messages or shouting profanities.
Part of the “Zoom-bombing” problem occurs because users tend to create public meetings out of convenience, which allow anyone to join a meeting as long as they have a link for it, according to Michael Gazeley, managing director and co-founder of cybersecurity firm Network Box.
“Details of conferences are often given out in a public manner, because organizers want as many attendees as possible,” said Gazeley.
“With Zoom, it was possible to set up meetings without passwords, so of course many people did just that. Whenever humans are given a choice between convenience and security, convenience almost always wins.”
USC officials said they learned Tuesday that some online Zoom classes had been “disrupted by people who used racist and vile language.”
Following the increase in hacking incidents, Zoom implemented stronger security measures last week, such as enabling passwords and virtual waiting rooms for users.
“We have been deeply upset by increasing reports of harassment on our platform and strongly condemn such behavior,” a Zoom company spokesperson said in an emailed statement.
“We are listening to our community of users to help us evolve our approach and help our users guard against these attacks.”
Security researchers previously found software vulnerabilities in Zoom, in particular for Mac users where hackers could take over a user’s webcam feed. Zoom has since fixed the issue.
Your guide to our new economic reality.
Get our free business newsletter for insights and tips for getting by.
You may occasionally receive promotional content from the Los Angeles Times.