A US congressman says that miscreants have managed to disrupt a Zoom meeting held at the highest levels of the US government, despite warnings against using the software.
The event took place on April 3, according to a letter sent to the House Oversight Committee chairwoman by Rep. Jim Jordan (R-Ohio).
“[I]n spite of the warnings by the FBI and media outlets, on April 3, 2020, you held a Zoom-hosted Member briefing on women’s rights in Afghanistan with the Special Inspector General for Afghanistan Reconstruction (SIGAR),” Jordan wrote.
“During this important briefing, the session was ‘Zoom-bombed’ at least three times,” Jordan said.
Zoom-bombing is a new term coined this past month, during the coronavirus (COVID-19) pandemic, when the use of the Zoom teleconferencing service has skyrocketed.
It refers to pranksters who connect to Zoom meetings to disrupt proceedings by hurling insults, playing pornographic material, or making death threats against other participants.
The practice is rampant these days, and the FBI sent a nationwide security alert on March 31, warning government agencies and the private sector against leaving Zoom meetings open to unvetted participants.
While most Zoom-bombing events usually target school classrooms and business meetings, some events have known to have disrupted local governments across the US — such as in Michigan and Wisconsin.
The Zoom-bombing of a House Oversight Committee meeting marks the first known case of a Zoom-bombing event hitting the US federal government.
Ironically, the event took place one day after the US Senate sergeant at arms sent an advisory to Senate staff warning against using Zoom.
Now, Rep. Jordan wants the House Oversight Committee, the main investigative committee of the United States House of Representatives, to stop using Zoom to hold their meetings as well.
Rep. Jordan also cited a long list of security woes that have been reported as impacting the Zoom service, as a reason to ditch the app.
“Given the concerns surrounding Zoom’s security, it is clear Zoom is not an appropriate platform for Committee business, which may be particularly sensitive during the COVID-19 pandemic. Please immediately suspend any current or future use of Zoom systems for official committee activities and take immediate steps to evaluate the Committee’s internal cybersecurity preparedness to prevent hackers from accessing sensitive committee information through the Zoom platform.”
Besides the FBI and the US Senate, the US Department of Defense had also warned staffers against using Zoom, citing the same security issues and the danger from Zoom-bombing and unauthorized access to Zoom meetings.
On April 4, after disruptions to local government Zoom meetings, the US Department of Justice declared Zoom-bombing a crime.
In light of recent reports of security flaws and Zoom-bombing attacks, Zoom promised to improve its security posture and has already begun rolling out updates, hiring outside security consultants, and revamping its bug bounty program.