The Ministry of Home Affairs (MHA) today issued an advisory stating that the popular video conferencing platform Zoom “is not safe”, and also advised Government officers or officials to refrain from using it for official purposes. The MHA has also issued guidelines to safeguard private individuals who would like to use the platform for private purposes.
The advisory comes after taking into account various instances of “Zoom-bombing” and hackers accessing private details of users were reported. The document makes reference to earlier advisories of the Indian Computer Emergency Response Team (Cert-In) and states that Zoom is not a safe platform.
The broad objective of the advisory is, MHA says, to prevent any unauthorized entry into a Zoom Conference Room and prevent the unauthorized participant to carry out malicious attacks on the terminals of other users in the conference. Also, Denial of Service (DOS) attacks may be avoided by restricting users through passwords and access grants.
Guidelines for Individuals using Zoom
Zoom has become an extremely popular tool to enable collaboration between remote workers, as well as for communicating and networking with clients since 25 March 2020, when the nationwide lockdown became effective in India. According to an industry survey by Voice&Data, an overwhelming 54% of corporate respondents in India indicated that they were using the platform. Therefore, individuals need to keep in mind the following guidelines to prevent cyber attacks:
- Set a new user ID and password for each meeting.
- Enable waiting room, so that every user can enter only when the host conducting the meeting admits him.
- Disable join before the host.
- Allow screen sharing by host only.
- Disable allow removed participants to rejoin
- Restrict/disable file transfer option.
- Lock meeting once all attendees have joined.
- Restrict the recording feature.
- End the meeting instead of just leaving it.