Zoom Invests into Hiring Outside Security Experts to Fix Exploits as Hackers are Selling Them Online

The FPS Review may receive a commission if you purchase something after clicking a link in this article.

Zoom Logo
Image Credit: Zoom Video Communications Inc

Growing pains are often seen in various industries when a product suddenly gains immense popularity. In the tech world such pains usually manifest in the form of security exploits being discovered. This very thing happened in recent weeks as Zoom’s popularity skyrocketed in the wake of the COVID-19 outbreak. As many adopted the video conferencing platform as either a means to work from home, or stay in touch with family members, severe exploits were quickly exposed. It was not a surprise when lawsuits and investigations ensued amidst these occurrences.

A large part of the appeal, and rapid adoption, for Zoom came from its free version and ease of use. As is common with many free wares not all security features are enabled or available. A new practice called Zoombombing began to spread like wild fire as well. It was the act of someone gaining unauthorized access to a meeting allowing them to join in the meeting. This particular vulnerability could be mitigated by taking 4 steps with the app. Another issue is how Zoom incorporates UNC(universal naming convention) into the apps usage. This could allow attackers to gain access to Windows credentials.

The latest events

Hackers have now taken to selling their knowledge of exploits for both Windows and MacOS devices online. They have chosen to market zero-day vulnerabilities as well. Prices for such sought after knowledge can set you back the better part of $500,000 though. Parent company, Zoom Video Communications Inc., has now turned its attention into expanding their security efforts. MarketWatch has reported that they have now begun hiring outside experts from a variety of sources. These include privacy experts from Facebook, Google, and Microsoft. One such hire, Alex Stamos, a former chief security officer from Facebook, likened it to taking a page from Microsoft’s playbook. This is a reference to when Microsoft put greater efforts into its security issues with Windows in 2002.

Peter Brosdahl
As a child of the 70’s I was part of the many who became enthralled by the video arcade invasion of the 1980’s. Saving money from various odd jobs I purchased my first computer from a friend of my dad, a used Atari 400, around 1982. Eventually it would end up being a lifelong passion of upgrading and modifying equipment that, of course, led into a career in IT support.

Recent News