The National Cyber Emergency Response Team (CERT) has issued an advisory warning about a rise in cyber threats targeting video conferencing platforms, including Zoom and Google Meet.
According to National CERT, the increased reliance on online meeting applications has led to a surge in incidents such as unauthorized access to meetings, account takeovers, and data leaks.
Platforms used without proper security measures are particularly vulnerable to hacking, data theft, service disruption, and attacks on participants’ devices.
“Zoom Bombing” and Unauthorized Access
The advisory highlighted that attackers are exploiting weak security controls to enter private meetings without permission, a practice commonly referred to as “Zoom bombing”. Such breaches can expose confidential discussions, sensitive data, and organizational systems to significant risk.
National CERT noted that successful attacks could result in:
-
Unauthorized participants joining meetings
-
Leakage or theft of sensitive information
-
Service disruption through denial-of-service (DoS) attacks
-
Misuse of platform management tools and interfaces
Recommendations to Reduce Cyber Risks
To minimize threats, National CERT advised the following precautions:
-
Share meeting links securely and distribute meeting IDs just before sessions start
-
Enable waiting rooms and lock meetings after all participants have joined
-
Limit screen sharing to hosts by default
-
Treat meeting links like sensitive login credentials
-
Keep devices and software updated regularly
Organizational Security Measures
The advisory also emphasized the need for stronger organizational controls, including:
-
Layered security measures
-
Network segmentation
-
Intrusion detection systems
-
Continuous monitoring of meetings and systems
In case of suspicious activity, National CERT recommended:
-
Immediately removing unauthorized users
-
Reporting incidents promptly
-
Reviewing system logs for irregularities
-
Ensuring secure backups of critical data
Advisory Aimed at Government, Businesses, and Individuals
National CERT stated that the advisory is designed to help government departments, businesses, and individual users reduce cyber risks as reliance on online meeting platforms continues to grow.
