Gorodenkoff - stock.adobe.com

Zoom takes new security measures to counter 'Zoombombing'

Zoom has implemented two key security and privacy measures in order to counter 'Zoombombing.' One enables passwords in meetings by default, while the second creates waiting rooms.

Zoom has taken two key security and privacy measures to counter a phenomenon known as "Zoombombing."

The features, which were announced Friday and took effect yesterday, are the latest efforts from Zoom to bolster security amid increased threats and data privacy concerns during the COVID-19 pandemic. The first feature enables passwords by default for meetings in its Free Basic and Single Pro tiers, while the second enables "waiting rooms," holding areas for participants so that they can manually be let into a call by the host either individually or all at once, on both tiers by default. 

"With password protection on and waiting rooms enabled, you now have two safeguards to fight against the funnel of uninvited guests trying to get into your meetings," a spokesperson said in Zoom's official video announcing the new changes.

This comment references Zoombombing, the practice of unauthorized individuals entering Zoom meetings to disrupt them and sometimes even share shocking content during said meeting. It had become a noted problem in recent weeks as more and more people began using Zoom to connect with others for business, healthcare and educational purposes during the coronavirus pandemic.

Zoombombing has become such a problem that the U.S. Department of Justice issued an official warning against the practice and other forms of videoconference hacking, threatening hackers with fines or imprisonment. According to the DOJ announcement, the state of Michigan experienced several instances of Zoombombing last week where hackers disrupted meetings and online classrooms with pornographic content, hate images and threatening language.

This password update is separate from Zoom's major security update last week, in which Zoom CEO Eric Yuan announced that the company would be dedicating necessary resources to focusing on the "biggest trust, safety, and privacy issues" with the platform. The videoconferencing company also patched several zero-day vulnerabilities that were published last week.

Dig Deeper on Application and platform security