Capitol Fax.com - Your Illinois News Radar » Learn something new every day
SUBSCRIBE to Capitol Fax      Advertise Here      About     Exclusive Subscriber Content     Updated Posts    Contact Rich Miller
CapitolFax.com
To subscribe to Capitol Fax, click here.
Learn something new every day

Wednesday, Apr 1, 2020 - Posted by Rich Miller

* Um

A virtual press conference hosted by Chicago politicians was cut short after someone hijacked the conference call and started streaming pornographic images.

On Tuesday morning, Ald. Brian Hopkins (2nd), Ald. Byron Sigcho-Lopez (25th), and Illinois State Reps. Theresa Mah and Ann Williams held a private press conference with organizers, health officials and reporters on popular teleconferencing platform Zoom.

The leaders aimed to call on Mayor Lori Lightfoot and Gov. JB Pritzker to close metal scrappers polluting Chicago neighborhoods including General Iron in Lincoln Park and the Sims Metal Management in Pilsen, particularly because of the respiratory nature of COVID-19.

But 16 minutes into the Zoom chat, that push was interrupted by a person who said: “Yeah, I don’t care.”

As confusion set in, a pornographic video that included images of a woman who was not fully clothed began playing on the video call.

I work alone from home when the General Assembly is not in session and I’ve never used Zoom or anything like that until last week when several pals and I connected over some cocktails to celebrate a birthday. All of this is new to me.

* It could’ve been worse. From the FBI

As large numbers of people turn to video-teleconferencing (VTC) platforms to stay connected in the wake of the COVID-19 crisis, reports of VTC hijacking (also called “Zoom-bombing”) are emerging nationwide. The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language.

Within the FBI Boston Division’s area of responsibility (AOR), which includes Maine, Massachusetts, New Hampshire, and Rhode Island, two schools in Massachusetts reported the following incidents:

    • In late March 2020, a Massachusetts-based high school reported that while a teacher was conducting an online class using the teleconferencing software Zoom, an unidentified individual(s) dialed into the classroom. This individual yelled a profanity and then shouted the teacher’s home address in the middle of instruction.
    • A second Massachusetts-based school reported a Zoom meeting being accessed by an unidentified individual. In this incident, the individual was visible on the video camera and displayed swastika tattoos.

As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts. The following steps can be taken to mitigate teleconference hijacking threats:

    • Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
    • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
    • Manage screensharing options. In Zoom, change screensharing to “Host Only.”
    • Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
    • Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.

       

19 Comments

  1. - Stones - Wednesday, Apr 1, 20 @ 12:01 pm:

    Sounds similar to the Max Headroom incident at WFLD back in the day. They never solved how that was done or who was behind it.


  2. - Oswego Willy - Wednesday, Apr 1, 20 @ 12:10 pm:

    === I’ve never used Zoom or anything like that until last week… All of this is new to me.===

    It’s been a blessing for a short while, for me, not too long, and even more so since February.

    Also, now twice, done “drinks by Zoom”… good for mental health.


  3. - OneMan - Wednesday, Apr 1, 20 @ 12:11 pm:

    Stones,
    They have a decent idea of how it was done, still no idea on the whom.
    It was WGN and WTTW
    https://en.m.wikipedia.org/wiki/Max_Headroom_signal_hijacking


  4. - Live Wire - Wednesday, Apr 1, 20 @ 12:13 pm:

    I use Google Hangouts and send the link directly to the person.


  5. - Stones - Wednesday, Apr 1, 20 @ 12:19 pm:

    Thank you OneMan. My memory is cloudy but I saw a piece on that the other day.


  6. - All this - Wednesday, Apr 1, 20 @ 12:33 pm:

    General Iron is already going to move this year. Why close them?


  7. - Blue Beard - Wednesday, Apr 1, 20 @ 12:39 pm:

    Well, at least the activist alderman of the 25th Ward found his way in the news once again. He just loves being the center of attention.


  8. - Captain Obvious - Wednesday, Apr 1, 20 @ 12:47 pm:

    Anybody ever seen the movie “Used Cars”? Drive in cult classic from the late 70s. “20,000 for a used Mercedes? That’s too (really, really bad banned word) high(banned puctuation)


  9. - Telly - Wednesday, Apr 1, 20 @ 12:47 pm:

    Beware state legislatures and local governments contemplate teleconferencing their meetings and actual votes. The zoom-bombing so far has come from goofy, tech-savvy amateurs. Just wait until state-sponsored pros in Moscow and Beijing decide to join in the fun.


  10. - KSDinCU - Wednesday, Apr 1, 20 @ 12:49 pm:

    I read something about trolls disrupting online AA meetings, Truly awful, and I imagine the anonymity might make it a little trickier to secure such a meeting–you wouldn’t necessarily have everyone’s emails to send a password to. I really feel for anyone working to stay sober who is not able to connect with their support group.


  11. - Candy Dogood - Wednesday, Apr 1, 20 @ 12:49 pm:

    The backbone of a lot of the video conferencing networks is the a modern version of internet relay chat which is sort of another way of saying is not at all secure. Some of the lack of security is also by design — thank you very much NSA and other federal spy agencies.

    I don’t know how you kids were spending your time in the 1990s, but if it wasn’t in an internet relay chat room there’s going to be a steep learning curve for folks using discord, zoom, et al, to facilitate meetings.

    It’s healthy to assume that nothing that happens on a chat server that isn’t in your basement, garage, or closet, is public. Some networks also allow for 3rd party hosts, either formally or informally.

    We’re probably just a couple of weeks away from state and local governments dealing with some incredibly embarrassing accidental disclosures of private information due to a lack of familiarity with the underlying security risks of online meeting tools.

    After all, the fundamental purpose of the internet and it’s underlying networks is to share information.


  12. - SOIL M - Wednesday, Apr 1, 20 @ 12:57 pm:

    Is this another case of Carlos Danger strikes again?


  13. - Stuff Happens - Wednesday, Apr 1, 20 @ 1:16 pm:

    UIUC had a classroom hijacked by a Nazi a couple of days ago.

    Unfortunately, with no end-to-end encryption it’s always a risk (although these are mostly by people not knowing how to configure a meeting to be secure-ish).


  14. - Al - Wednesday, Apr 1, 20 @ 1:36 pm:

    Sounds like Roger Stone has found a manner in which to entertain himself while he is in the clink.


  15. - Angry Republican - Wednesday, Apr 1, 20 @ 1:38 pm:

    It is well known in the security and IT community that Zoom has serious privacy and security flaws. I am not surprised pranksters have taken advantage of the increased usage of Zoom and lack of awareness by users.


  16. - Just Another Anon - Wednesday, Apr 1, 20 @ 1:51 pm:

    Happened in Nebraska during a townhall too.


  17. - Been There - Wednesday, Apr 1, 20 @ 2:02 pm:

    My sister is having the nursing home my dad is in set up a Zoom tomorrow. My dad is doing well but if we get hacked that might be a little too much for the old guy. And if it happens to me I would prefer it happened while I am celebrating with some of my friends and not my sisters.


  18. - SSL - Wednesday, Apr 1, 20 @ 2:20 pm:

    Captain Obvious, you have exceptional taste in movies. There are several phrases from Used Cars that regularly work their way into my discussions. None of which can be repeated here.


  19. - Buford - Wednesday, Apr 1, 20 @ 3:04 pm:

    “Beware state legislatures and local governments contemplate teleconferencing their meetings and actual votes.” No need to worry about excess democracy in Whiteside county, most votes by the absurdly large 27-member board are “unanimous” voice votes, presided over by Great Helmsman James Duffy. The intimidated, elderly board members usually look at the floor, and maybe once per year a roll call vote is called for, which Duffy deigns to grant- grudgingly.

    The Whiteside county website showed a “Special County Board Meeting- Conference Call” for Tuesday, March 24, 2020, 3:00 p.m., but no listed way for the little people to listen in. Board meetings are not video taped, minutes are altered and censored, and county deputies do not wear body cams either. No need to worry about anyone hacking county board meetings, secrecy and fear is a way of life in the home county of Nicholas Sheley.


Sorry, comments for this post are now closed.
* Reader comments closed for the weekend
* Isabel’s afternoon briefing
* Things that make you go 'Hmm'
* Did Dan Proft’s independent expenditure PAC illegally coordinate with Bailey's campaign? The case will go before the Illinois Elections Board next week
* PJM's massive fail
* $117.7B In Economic Activity: Illinois Hospitals Are Essential To Communities And Families
* It’s just a bill
* Showcasing The Retailers Who Make Illinois Work
* Open thread
* Isabel’s morning briefing
* SUBSCRIBERS ONLY - Supplement to today's edition
* SUBSCRIBERS ONLY - Today's edition of Capitol Fax (use all CAPS in password)
* Live coverage
* Pritzker calls some of Bears proposals 'probably non-starters,' refuses to divert state dollars intended for other purposes (Updated)
* Yesterday's stories

Support CapitolFax.com
Visit our advertisers...

...............

...............

...............

...............

...............


Loading


Main Menu
Home
Illinois
YouTube
Pundit rankings
Obama
Subscriber Content
Durbin
Burris
Blagojevich Trial
Advertising
Updated Posts
Polls

Archives
April 2024
March 2024
February 2024
January 2024
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
December 2022
November 2022
October 2022
September 2022
August 2022
July 2022
June 2022
May 2022
April 2022
March 2022
February 2022
January 2022
December 2021
November 2021
October 2021
September 2021
August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
December 2020
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004

Blog*Spot Archives
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005

Syndication

RSS Feed 2.0
Comments RSS 2.0




Hosted by MCS SUBSCRIBE to Capitol Fax Advertise Here Mobile Version Contact Rich Miller