Would You Even Know if Hackers Listened to Your Videoconference?
Your videoconference can be hacked. And it's surprisingly simple.
Hacker HD Moore works for security company Rapid7. He spent time looking into flaws in videoconferencing security. What he found was surprising.
Thousands of boardrooms across the nation are configured without safeguards. This means that confidential meetings may run the risk of harboring silent -- and unwanted -- listeners.
Moore was readily able to hack into many systems. He got into a lawyer-client meeting room inside a prison. He also found his way into a venture capital pitch meeting and an operating room in a university's medical center, according to The New York Times.
He was also able to hack into some web cameras used in videoconferencing. In some instances he was able to harness the camera's control functions to zoom in close to documents.
It's strange -- and unsettling -- to find such security risks in these expensive systems. Some videoconferencing tools can cost upwards of thousands of dollars. Most of the time, it's not because there aren't any security functions available. In many instances these configurations simply aren't properly set up or activated.
This may be due to the new aspect of the technology. Lawyers and others in charge of videoconferencing may not be familiar with the safeguards included in the system.
There are steps that law firms can take to combat hackers. For one, they may need to ensure that their systems are set up properly. Moore told The Times that some vulnerable systems were set up outside of company firewalls. He also found a number of systems that were set up to auto-accept individuals who dial-in to meetings.
Instead you can configure your system not to immediately accept dial-ins. You can also try to disable the web camera features for guests.
Videoconferences can be hacked. It seems almost inevitable in this technology-driven age. Hackers and computer spies seem poised to get into virtually every computer system. But you don't necessarily want to make it too easy for them.
Related Resources:
- I Spy Your Company's Boardroom (Wired)
- Online Security for Small Law Firms: Control Employee Web Usage (FindLaw's Strategist)
- Cost-Cutting VoIP Solutions for Law Firms (FindLaw's Technologist)