The National Cyber Emergency Response Team (CERT) has issued an advisory warning about a rise in cyber threats targeting video conferencing platforms, including Zoom and Google Meet.
According to National CERT, the increased reliance on online meeting applications has led to a surge in incidents such as unauthorized access to meetings, account takeovers, and data leaks.
Platforms used without proper security measures are particularly vulnerable to hacking, data theft, service disruption, and attacks on participants’ devices.
“Zoom Bombing” and Unauthorized Access
The advisory highlighted that attackers are exploiting weak security controls to enter private meetings without permission, a practice commonly referred to as “Zoom bombing”. Such breaches can expose confidential discussions, sensitive data, and organizational systems to significant risk.
National CERT noted that successful attacks could result in:
Unauthorized participants joining meetings
Leakage or theft of sensitive information
Service disruption through denial-of-service (DoS) attacks
Misuse of platform management tools and interfaces
Recommendations to Reduce Cyber Risks
To minimize threats, National CERT advised the following precautions:
Share meeting links securely and distribute meeting IDs just before sessions start
Enable waiting rooms and lock meetings after all participants have joined
Limit screen sharing to hosts by default
Treat meeting links like sensitive login credentials
Keep devices and software updated regularly
Organizational Security Measures
The advisory also emphasized the need for stronger organizational controls, including:
Layered security measures
Network segmentation
Intrusion detection systems
Continuous monitoring of meetings and systems
In case of suspicious activity, National CERT recommended:
Immediately removing unauthorized users
Reporting incidents promptly
Reviewing system logs for irregularities
Ensuring secure backups of critical data
Advisory Aimed at Government, Businesses, and Individuals
National CERT stated that the advisory is designed to help government departments, businesses, and individual users reduce cyber risks as reliance on online meeting platforms continues to grow.
