ICC’s Common Secure team is working closely with Clients and UN Agencies, other international organizations, the private sector, academia as well as law enforcement and intelligence agencies to share information on the cyber threat ecosystem. The team has gathered helpful tips on secure remote conferencing services to share with Partners, Clients and the broader public.
The COVID-19 pandemic has forced individuals and organizations to rapidly adapt to an environment where the default mode of communications is digital. Remote conferencing services have experienced a huge increase in customers as a result.
As an example, Microsoft reported a 500 percent increase in Teams meetings, calls and conferences and a 200 percent increase in Teams usage on mobile devices since January 31, when they made the platform available for everyone. Cisco reported a 22-fold increase in network traffic from WEBEX users in China during February 2020. At the end of March, Google Meet users had experienced more than 60% day-over-day growth. Zoom’s monthly usage heavily increased from an average of 10 million daily meetings to a peak of 200 million daily meetings in March.
While remote conferencing services are meeting an important societal demand, with Microsoft Teams being the widespread tool of choice across the UN family, the surge in popularity has led to increased scrutiny from the security community as well as from malicious threat actors.
During the past few weeks, Zoom has been in the spotlight: there has been a spike in registrations of Zoom-related spoof domains, and threat actors are generating Zoom-themed phishing campaigns. Adware and other unwelcome or malicious software purport to be a legitimate Zoom executable through Zoom-related squatted domains.
Several vulnerabilities were discovered in the client software that theoretically allowed Zoom to access users’ content, gave unauthorized individuals access to ongoing conferences and made it possible to steal user credentials. Zoom was also accused of sharing data with third parties without user’s permissions.
Zoom, which is being used increasingly in UN environments, has issued updates to address security issues on April 1 and 2 and announced a 90-day change freeze on new features. The company also published an article explaining how to keep uninvited guests out of meetings, in addition to a security white paper on these concerns.
Users of remote conferencing services should apply basic security practices when relying on these solutions for business or personal communications. Additionally, ICC’s Common Secure team recommends applying the following best practices:
- Check and choose: Conduct a risk assessment, consider core requirements when selecting a vendor and make sure that those requirements can be met. For example, are meetings sufficiently sensitive that end-to-end encryption is always necessary?
- Assess and evaluate: Evaluate the product’s security features. Subscribing to or licensing these technologies could provide more security features than free versions.
- Set up and use it safely: Avoid posting meeting invitation details publicly.
- Use a unique meeting password on publicly accessible meeting platforms if possible, to prevent unauthorized and uninvited conference attendees.
- Keep the software up to date: Apply security updates for remote conferencing in a timely manner. Vendors may increase the frequency of these updates due to increased stress testing from customers and the security research community.
- Consult Zoom’s security white paper for more details.
Interest in a software product or tool grows commensurately with its increase in market share. The number of vulnerabilities or security issues reported in a product may be a result of extra scrutiny rather than an indication that the product is less secure than its competitors. Greater scrutiny from the security community improves the security of software.
The ICC Common Secure service functions primarily to share timely, relevant, and actionable cyber security threat and incident information. Common Secure enhances the ability of the UN to prepare for, respond to, and mitigate risks associated with these threats.
Common Secure gathers information from participating members, commercial security firms, service providers, federal, state and local government agencies, law enforcement and other trusted resources. ICC has been working since 2015 to build relationships with the cyber community at large on behalf of the UN system in fostering a reputation for action excellence. This uniquely positions the Common Secure team and service to quickly triage, assess, and disseminate cyber threat alerts along with other critical information to organizations across the world.
Common Secure promotes the development of professional, trusted relationships among peers and subject matter experts in order to protect members and the critical infrastructure of international organizations in the UN family. Information is shared so threats can be mitigated from all angles, providing for collaboration among various organizations.