Hacker’s Court Hearing Disrupted By Porn Clip — CyberHoot

How Did This Happen?

Notice of this court hearing was posted on the Florida State Attorney’s Office website and improperly secured. The Zoom meeting’s time and ID were published allowing anyone to join this meeting. Within the meeting there were no precautions taken, all users were able to unmute their microphones and stream their own video. The lack of security makes it ideal circumstances for “ zoom bombing “. Within a minute of the hearing’s start, the hacker interrupted a discussion between Clark’s attorney and the judge by streaming a live video of himself adjusting his face mask. Just a few minutes later, someone began interjecting loud music. Judge Christopher C. Nash was personally in charge of administering the video hearing when, after roughly 15 seconds worth of random chatter interrupted the prosecution’s response, Nash told participants he was removing the troublemakers as quickly as he could. What happened a minute later was almost inevitable given the security settings of this particular Zoom conference call; someone streamed a graphic video clip from PornHub for approximately 15 seconds before Judge Nash abruptly terminated the broadcast.

Secure Your Meetings

Zoom takes the brunt of the complaints on securing Web Conferencing, it’s important to realize any web conference can be attacked and to take precautions by securing your meetings appropriately. Businesses or educational institutions should be finding ways to secure these video conferences to reduce the likelihood of zoom bombers joining their meetings. There are a few things you can do to stay secure while video conferencing:

• If you are the host of the meeting, make the meeting private, requiring a password or private link to join the conference call;
• When the meeting is made private, control access to the meeting by enabling the “waiting room” feature so you can manually let authorized people into the meeting; you would get a message similar to, “Bob Johnson would like to join the meeting” and would need to approve;
• Do a roll call and keep track of the amount of users that are supposed to be in the meeting, if you invited 8 users and there are 10 in the meeting, you may want to check out who the two (2) extra users are;
• Don’t share the meeting ID, password, or meeting link on a public platform, such as your website or related social media site;
• Once every authorized user has joined the meeting, lock the meeting so nobody else can join;
• Only allow the Conference Host to have control of screen sharing;
• Disable file-sharing so people aren’t flooded with content.

Specific Zoom Settings to Examine

The following are recommended settings for hardening your Zoom Meetings:

• Participant video off on join
• Join before host off
• Require a password when scheduling new meetings on
• Require password for participants joining by phone on
• Mute participants upon entry on
• Chat on (group chat)
• Private Chat off
• Co-host on
• Allow host to put attendee on hold on
• Allow removed participants to rejoin off
• Waiting room on

Always take proper precautions when setting up virtual meetings, especially those that require private, uninterrupted conversations. It’s always good to stay on top of emerging threats like these, stay ahead of the curve by educating your staff and improve cybersecurity awareness by working with CyberHoot!

Originally published at https://cyberhoot.com on August 25, 2020.