Zoombombing & Russian Misinformation

As anyone who’s ever run a webinar knows, an online presentation gives you a lot to worry about even when your technology actually cooperates. Managing an audience on top of giving your own prepared statements takes skill even in the best of circumstances, naturally. But things get significantly worse if, on top of letting good-faith attendees speak, you also have to guard against trolls and disruptions.

These problems are only compounded when said trolls are coming from a source with a vested geopolitical interest in online disruption and cyberattackers.

This was much the situation faced in a panel hosted on-premises at the University of Nebraska-Lincoln and broadcast online via Zoom. The panel in question suffered serious disruption, though arguably it wasn’t the fault of any actual hosts (or indeed anyone physically on campus).

What happened?

On March 1st, 2022, students and faculty at the University of Nebraska-Lincoln (UNL) organized a panel to discuss the war in Ukraine and how other students could help Ukrainians. Presumably to engage a wider audience, the in-person panel was also broadcast over Zoom.

Shortly into the broadcast, however, it was interrupted by unknown parties who screamed over the presenters in Russian and spammed the presentation with explicit content.

The panel was quickly able to regain control of the situation and kick out the disruptors. Speakers at the event emphasized strength and unity in the face of the attack. Of course, news outlets noted that disruptions such as this represent nothing short of a firsthand encounter with Russian disinformation campaigns.

Why did the disruption occur at all?

In the context of the event itself, this one brief interruption could be dismissed as a nonissue. Not only was this a fairly small and fairly local event, but the incident at play was also resolved quickly. You might very well ask, how does this interruption present any larger problem?

Although we can certainly applaud the event organizers at UNL for handling the interruption skillfully, the fact that trolls broke through at all is cause for concern. Typically, trolls of this nature aren’t concerned with being booted out of a session quickly; currently, their goal is not necessarily to convince the world of their misinformation but to shape the narrative in Russia. For those purposes, just the act of breaking into a Ukraine-related discussion is enough, because that disruption alone, no matter how brief, can be spun into propaganda efforts.

So like in the UNL example, it’s certainly possible to deal with presumed Russia-aligned trolls who break into video conferences with skill and resilience. However, doing so does nothing to thwart those trolls’ actual efforts. And because they’ve achieved something simply by breaking into one of these online panels, it’s safe to assume they’ll continue bursting into others with the same goals in mind.

All this underscores the fact that when it comes to cybersecurity, expecting end-users to solve problems themselves is little more than a stop-gap measure. To create lasting safety, be it in videoconferences or in other digital communications, the responsibility ultimately falls to the technology itself.

In the case of UNL’s Zoom intrusion, then, it’s worth weighing what role the technology itself played.

Is the technology really to blame here?

At the most charitable, in this case, the technology certainly doesn’t seem to have helped much.

UNL’s Ukraine event was accessible via a public Zoom link, effectively giving anyone in the world access so long as they saw the invite. Furthermore, the way Zoom defaults to setting up a panel allowed any public attendee to speak and present files at will. While in an ideal setting, this would allow for a more democratic and open forum, in practice it allows for trolls to cause a scene.

Before we blame this disruption on how the conference was set up, it’s worth entertaining the possibility that the organizers didn’t have many other options for their panel’s format while using Zoom. After all, this is hardly the first time Zoom as a platform has come under fire for disruption issues. Since the rise of the platform during the 2020 pandemic, trolls have disrupted Zoom calls so frequently that users coined a term for it: “Zoombombing.” Actually, during this period in particular, Zoombombing was so common the FBI actually stepped in to issue a warning about it. A year afterward, Zoom paid out $85 million to settle a lawsuit over the disruptive practice.

In light of Russia-aligned trolls disrupting UNL’s discussion of Ukraine, then, we should consider how well Zoom helps secure online presentations.

That means asking questions like:

    • How easy is it to set up a private session?
    • How limited can the average user make open sessions?
    • What verification measures can be put in place for attendees?
    • How much control will an attendee have over the session compared to organizers?

Again, having a system that can address these questions adequately will ensure disruptions don’t occur in the first place — both creating better online sessions and fighting the flow of disinformation at its source.

Is the security of a video platform actually that important?

Unequivocally, it is. And Zoom itself demonstrates this.

Even outside of publicly disrupted video calls, Zoom hasn’t had the best track record when it comes to security. In 2020 alone, Zoom violated its own privacy policy by sending user data to Facebook, unnecessarily routed calls through Chinese-owned servers and suffered a data breach that led to 530,000 user account credentials being sold on the dark web. Even worse, the platform’s poorly optimized security measures caused users to unknowingly make thousands of conference recordings publicly available on the web.

In normal circumstances, this represents a serious potential for breaches of confidential information on top of general privacy violations. But considering the fact that Russia is stepping up online disinformation campaigns — and, quite likely, its established pattern of cyberattacks — it’s all the more important to keep your data as well as your conferences secure.

But just when it comes to stopping the flow of disinformation, it’s critical to halt that process at its source. That means keeping out likely disruptors from the word “go” — and as it stands, that doesn’t seem to be something Zoom provides easily.

Looking for a solution that does provide that security? Learn how Wildix, the fully secure-by-design communications platform, stacks up against Zoom in our earlier blog post.

Social Sharing

Leave a Reply