Apr 9, 2020
Source: Securian's Cybersecurity Department
In March, 200 million people used Zoom daily compared to just 10 million in December.
In response to the security concerns raised nationwide about Zoom's video and audio services, Securian has updated its required security configuration for Zoom. If each Zoom user adheres to these requirements, we believe reasonable security controls are in place to continue using Zoom to stay connected with clients and conduct business.
Please refer to the ZOOM page on SecurianAdvisor for details.
Below is a summary of the risks and the steps that mitigate or reduce them. If you have not already done so, please take the actions listed.
- Ensure every meeting has a meeting password enabled. A password stops uninvited parties who have only the meeting ID from joining a session ("Zoom bombing").
Zoom Software Update
- To address some of the security concerns, Zoom released an update to the client software that runs on your computer. Verify that you have installed version 4.6 (build 19253.0401) or later. (Log in to Zoom, click your profile picture, then click "About Zoom" or "Check for Updates.")
- Managed computers have security patches pushed to them automatically, which keeps the Windows 10 operating system patched. The Zoom client update is separate from Windows patching, so check the client version yourself.
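The version check above is easy to get wrong because Zoom writes its version as a release number followed by a build number (the advisory's "v4.6 19253.0401" is the build shown in the client as "4.6.9 (19253.0401)"). As an added example that is not part of the advisory and is not Zoom's own code, the Python helper below parses that format, compares an installed version against the required build, and flags the machines in an inventory that still need the update. The inventory, hostnames and all versions other than the advisory's own are constructed sample data.

```python
import re
from typing import Dict, List, NamedTuple, Tuple

# Minimum client build named in the advisory. Zoom's About dialog shows
# "<release> (<build>.<MMDD>)", e.g. "4.6.9 (19253.0401)"; the advisory
# abbreviates this as "v4.6 19253.0401".
REQUIRED = "4.6 (19253.0401)"

# release = dotted numbers, then any separator, then a 4+ digit build number,
# a dot and a 4-digit build date. Tolerates a leading "v", spaces and parentheses.
_VERSION_RE = re.compile(
    r"(?P<release>\d+(?:\.\d+)+)\D+(?P<build>\d{4,})\.(?P<date>\d{4})(?!\d)"
)


class ZoomVersion(NamedTuple):
    release: Tuple[int, ...]  # e.g. (4, 6, 9)
    build: int                # e.g. 19253; increases with every Zoom release
    build_date: str           # e.g. "0401" (MMDD), kept as text for display


def parse_zoom_version(text: str) -> ZoomVersion:
    """Parse the version string from the Zoom client's About dialog."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised Zoom version string: {text!r}")
    release = tuple(int(part) for part in m.group("release").split("."))
    return ZoomVersion(release, int(m.group("build")), m.group("date"))


def meets_minimum(installed: str, minimum: str = REQUIRED) -> bool:
    """True if `installed` is the required build or any later one."""
    have, need = parse_zoom_version(installed), parse_zoom_version(minimum)
    # Compare only as many release components as the minimum specifies, so
    # "4.6 (19253.0401)" and "4.6.9 (19253.0401)" count as the same release.
    n = len(need.release)
    have_rel = (have.release + (0,) * n)[:n]
    if have_rel != need.release:
        return have_rel > need.release
    # Same release line: the build number (then its date) decides.
    return (have.build, have.build_date) >= (need.build, need.build_date)


def find_outdated(inventory: Dict[str, str], minimum: str = REQUIRED) -> List[str]:
    """Return hostnames whose reported Zoom version is below the minimum.
    Unparseable strings are treated as outdated so someone looks at them."""
    outdated = []
    for host, version in inventory.items():
        try:
            if not meets_minimum(version, minimum):
                outdated.append(host)
        except ValueError:
            outdated.append(host)
    return sorted(outdated)


# Constructed sample inventory (hostnames and versions are made up for illustration).
SAMPLE_INVENTORY = {
    "ws-0101": "4.6.9 (19253.0401)",   # exactly the required build
    "ws-0102": "v4.6 19253.0401",      # the advisory's own spelling
    "ws-0103": "4.6.7 (18176.0301)",   # older build, needs the update
    "ws-0104": "5.0.0 (23168.0427)",   # later release, fine
    "ws-0105": "unknown",              # agent could not read the version
}

if __name__ == "__main__":
    for host in find_outdated(SAMPLE_INVENTORY):
        print(f"{host}: Zoom client below {REQUIRED}, update required")
```

Feed `find_outdated` whatever your endpoint management tool exports (hostname to version string) and it lists the machines to chase; the comparison accepts any later build, not only the one named above, so the check does not break when Zoom ships the next release.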
Zoom's in-meeting chat has been identified as a risk and is exposed to several vulnerabilities.
- If a user joins a meeting with chat enabled, a threat actor in the meeting can post links through chat that steal Windows credentials (a link to an attacker-controlled UNC path makes Windows send the user's NTLM credential hash when clicked) or that lead to malware. Meeting links and passwords shared in chat can also be forwarded to unauthorized individuals, who could then join a session and view or even record client information.
- Mac computers remain vulnerable because of two privilege escalation vulnerabilities in the macOS client. Updates cannot be deployed to unsupported hardware; therefore, Mac computers should not be used to conduct business.
ZOOM ENABLED CHANGES
- On Sunday, April 5, Zoom turned on meeting passwords and the Waiting Room feature by default. Each user must keep both features enabled.
- Zoom appears to have removed its servers hosted in China from the server rotation; traffic to those servers stopped completely on the evening of 4/2/2020.