FYI on a Government membership.
From: Julie Anderson <janderson@molallapolice.com>
Sent: Thursday, April 2, 2020 12:28 PM
To: Frank Schoenfeld <fschoenfeld@molallapolice.com>; Chris Long <clong@molallapolice.com>
Cc: Ronda Lee <rlee@molallapolice.com>
Subject: FW: Message from the MS/EI-ISAC: FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing - TLP: WHITE
See below from FBI re Zoom-Bombing
Julie B. Anderson
Molalla Police Department Records
117 N Molalla Ave / PO Box 248
Molalla OR 97038
Direct: 503-759-0229
Records:503-829-8817
FAX: 503-829-3461
**This e-mail may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If you are not the addressee or it appears from the context or otherwise that you have received this e-mail in error, please advise me immediately by reply e-mail, keep the contents confidential, and immediately delete the message and any attachments from your system. **
From: CJISSecurityPolicy <cjissecuritypolicy-bounces@listsmart.osl.state.or.us> On Behalf Of Harris, Nicholas C
Sent: Thursday, April 2, 2020 12:27 PM
To: CJISSecurityPolicy@listsmart.osl.state.or.us
Subject: [CJISSecurityPolicyForum] FW: Message from the MS/EI-ISAC: FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing - TLP: WHITE
CJIS LASO’s –
Please see the following guidance from the FBI on VTC.
Regards,
|
Nicholas C. Harris CJIS Information Security Officer Oregon State Police 3565 Trelstad Ave SE Salem, OR 97317 Phone: (503)934-2335 | Mobile: (503)302-7269 https://www.oregon.gov/osp/programs/cjis/Pages/CJIS-Security.aspx
To Provide Premier Public Safety Service
|
*****CONFIDENTIALITY NOTICE***** This e-mail may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If you are not the addressee or it appears from the context or otherwise that you have received this e-mail in error, please advise me immediately by reply e-mail, keep the contents confidential, and immediately delete the message and any attachments from your system.
| |
TLP: WHITE
TO: ALL MS-ISAC and EI-ISAC Members
DATE: April 2, 2020
SUBJECT: FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing - TLP: WHITE
On March 30, 2020, the FBI released an article, warning users of teleconferencing sessions being hijacked (also being referred to as “Zoom-bombing”) all over the nation. The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language. In the wake of reports of this activity being reported to the FBI’s Internet Crime Complaints Center (IC3 -ic3.gov), they have published the following recommendations:
- * Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
- * Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
- * Manage screensharing options. In Zoom, change screensharing to “Host Only.”
- * Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- * Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.
