Fresno State Zoom-bombing highlights Zoom’s security concerns

Zoom has been subject hacking in recent month. The company hopes the latest update will prevent further Zoom-bombing. (Courtesy Tribune News Service)

A Zoom session hosted by a Fresno State professor was Zoom-bombed with highly disturbing images on Monday, April 20.  

Around 3 p.m., a Media, Communications and Journalism Department meeting of 14 people, including seven students, was Zoom-bombed with disturbing images of child pornography. 

Zoom-bombing occurs when someone joins a Zoom meeting and uses the screen sharing tool to “bomb” the screen with illicit and often disturbing images. 

The images were shown through the screen sharing tool on Zoom and “surprised everyone,” said Faith Sidlow, a professor in the Media Communications and Journalism (MCJ) Department, who witnessed the event. 

According to Sidlow, the Zoom meeting did use the password feature, but it had been posted on social media, and the waiting room, a feature that allows the meeting host to manually let participants in one by one in order to screen who enters the meeting, was not used. 

“We already have protocol in effect for Zoom meetings to prevent this exact incident,” Sidlow said. “I don’t think we had those security measures in place at the time.”  

According to Lisa Boyles, the public information officer for University Communications, the MCJ department professor ended the session as soon as the incident occurred. 

The incident was reported to the campus police station and is currently under investigation. 

“After this incident happened, they [Fresno State] stepped it up, and Zoom,” Sidlow said. “Both enforced more secure measures so that the faculty didn’t have to go in and decide which security measures to put on their particular meeting.”

Many of those measures are now default for Zoom meetings.  

According to Sidlow, the university also offered counseling to the faculty and students affected by the incident. 

The California State University Chancellor’s Office, on Fresno State’s web page for COVID-19-related information, said that the ease of entering Zoom sessions has become a liability because of the rise of vandals entering and disrupting Zoom sessions, sometimes in extremely disturbing ways.

According to the chancellor’s office, there is also concern about Zoom’s data security, but that the CSU system will advocate for the protection of its members’ privacy. 

Both Fresno State and Zoom are working toward making Zoom sessions safer for users and reducing the risk of zoom-bombing incidents. 

“We are actively working to educate our campus community about best practices they can put into place to secure online meetings and virtual instruction and prevent this from happening,” Boyles said. 

“We do not believe that Zoom poses any special risks greater than other software that you use,” the chancellor’s office said. “[We] believe that Zoom is a responsible company and that they are taking seriously the issues that have arisen under the heightened scrutiny they are currently facing.”

“I know there won’t be any possibility of anybody in the MCJ department ever having something like that happen again because we are now all very conscious of how important it is to lock everything down,” Sidlow said. “I think that what students should know is that the university takes this extremely seriously and they have the utmost concern for the wellbeing of our students. That’s why they have implemented every security measure that they can to make sure our students are protected.”

Vice President for Information Technology and Chief Information Officer Orlando Leon, in a recent communication sent out on April 17, said, “Most CSU campuses have been using Zoom for several years now and support its continued use while applying best practices to safeguard meetings from disruption.”

According to Colleen Rodriguez, in an article she wrote for Zoom Blog, the platform’s official blog site, Zoom has been working on a 90-day security plan, in an effort to improve Zoom security and help prevent incidents such as the zoom-bombing that targeted Fresno State. 

The new update to Zoom will include new features to increase security, such as a more advanced encryption, to “resist against tampering,” making the waiting room option a default when scheduling a meeting and more complex meeting passwords. 

Rodriguez, in the blog post, said the update, Zoom 5.0, is “a key milestone in our 90-day plan to proactively identify, address, and enhance security and privacy capabilities of the Zoom platform.” The update is available for download. 

“On balance, as long as campus users have the information they need to use Zoom with appropriate safeguards, we don’t believe that it’s necessary for the CSU community to be concerned about communicating with Zoom,” the chancellor’s office said

Fresno State has found Zoom to still be an effective tool for communicating and conducting classes virtually. 

“…For me as a professor, I feel confident when I have a classroom zoom session, that I’m not going to have a problem,” Sidlow said.  

Previous Story Fresno State officials discuss fall instruction, refunds article thumbnail mt-3

Fresno State officials discuss fall instruction, refunds

Next Story Former Collegian advisor, longtime reporter remembered for his storied career article thumbnail mt-3

Former Collegian advisor, longtime reporter remembered for his storied career