The surge in video conferencing use during these challenging times shows us the power of community and being connected digitally. Video conferencing lets us share what’s important to us in realtime and to solve problems together without having to be physically present in one location.
At Palo Alto Networks, we have embraced video conferencing to strengthen our channels for connecting with and supporting our customers, to transform how we lead and work together and to protect our company from cybersecurity threats.
Video conferencing security risks
With the rise in popularity of video conferencing for business meetings, remote education and virtual social gatherings, miscreants have started a series of new attacks targeting video conferencing technologies and their users. Here are a few that we’ve observed to date, and how organisations can take steps to address them:
- Meeting bombing. In this type of attack, an uninvited guest joins a video conferencing meeting either to listen in on the conversation or to disrupt the meeting by sharing inappropriate media. These incidents are possible when:
- You do not require a password.
- The attacker is able to discover or guess the meeting ID, known as war dialling. War dialling software makes it possible for the attacker to find out the meeting ID, as well as information about the meeting including the meeting name and the meeting organiser.
- Malicious links in chat. Once attackers gain access to your meeting room, they can trick participants into clicking on malicious links shared via the chat, allowing attackers to steal credentials. This reinforces that it’s more critical than ever to require passwords for all meetings.
- Stolen meeting links. Reusing meeting links makes it easy for attackers to use them too. To avoid unauthorised access to your meetings, turn on notifications that will let you know when someone has joined your meeting room without you. Or better yet, don’t allow others to join your meeting before you do by disabling Join Before Host.
- Data shared with third parties. For SaaS services, first, ensure security controls are in place to protect your data, and then ensure those controls are configured properly. SaaS security solutions, like Prisma SaaS, automatically detect and remove the sharing of files that have confidential or personal information. For non-SaaS services, it’s important to have data protection agreements in place with third parties that address appropriate security controls; for example, data encryption, role-based controls for authorised users to access, etc.
- Malware or zero day attacks. When it comes to zero day attacks, legacy anti-virus software is no match. You will need to protect from malicious activity by layering security at the endpoint and in the network.
Protected by the security cloud
To strengthen our defences against this new wave of cyber attacks targeting video conferencing, we need to work together. Palo Alto Networks is helping customers create video conferencing Indicators of Compromise. We have the ability to see threats ahead of the curve, and with the power of the cloud, we can instantly share this knowledge with our 70,000+ customers.
Many of our customers have proactively reached out to share security best practice stories and what has worked during these challenging times. This allows Palo Alto Networks the unique opportunity to help protect customer endpoints as well as video conferencing and internet traffic, using Cortex XDR and Prisma Access. This 360-degree security view of endpoints and traffic has been key to helping protect our customers against video conferencing threats, while ensuring that companies can continue to collaborate and maintain critical human contact as they rapidly scale a remote workforce.
Video conferencing security tips
We have also increased our security education and awareness efforts to help ensure the safe and secure use of video conferencing technologies. Anyone using video conferencing should review what can be done to protect communications. Here are our top tips for video conferencing security:
- Require passwords: As a meeting host, this is the No. 1 action that you can take to secure your meetings: Make passwords mandatory for all your meetings to protect against uninvited guests and to secure information about the meeting, including meeting name and organiser.
Verify attendees: Be sure to check the attendee list when sending out the meeting invitation, and review the participants list during the call. Remove anyone on the call who is not supposed to be a part of the meeting. For meetings where confidential information is being shared, such as a company all-hands meeting, increase security by requiring participants to authenticate by logging in before they can join the meeting.
Check meeting links: When you receive a meeting invitation, verify that it’s from a known, trusted sender. Also, check the meeting link before clicking, watching out for malicious links with “.exe,” for example. There’s a steep rise in phishing attempts where malicious links have the names of video conferencing vendors embedded but they take you to phony login sites. By using password-embedded links, you will increase security and reduce war dialing, a technique used to discover or guess the meeting ID.
Patching: Make sure your video conferencing software is patched with the latest vendor-provided updates and have automated upgrades turned on.
Keep confidentiality: Keep confidential conversations private, and be sure you’re not accidentally sharing anything confidential on your laptop or in your background. Virtual backgrounds have gained popularity for a change of scenery!
Review your security settings: Review and enable appropriate security and privacy settings to prevent threat actors from exploiting known vulnerabilities.
Keep kids secure: As kids are connecting via video conferencing for school and other activities, parents can help them do so securely and teach them how to be safe online. Talk to kids about not chatting with strangers or giving out private and personal information.
Report suspicious activity: Remember to report any suspicious activity to your corporate Information Security and Information Technology teams. If you are using an external video conferencing technology for non-work related calls, reach out to the vendor for the best way to report suspicious activities.
Use tech to protect: At Palo Alto Networks, we use our own technologies to protect employees when they connect via video conferencing, and when they are accessing internal resources. This is happening seamlessly in the background. Cortex XDR monitors the app and protects our endpoints from malware, while Prisma Access protects network connectivity when employees are browsing the internet.
By Niall Browne, SVP and CISO at Palo Alto Networks.