Andria Spindel’s Monday webinar on combating antisemitism was only a few minutes in, when it became obvious there was something wrong.
“We could see people sending chat messages that were unpleasant, they were asked to stop… and then things erupted,” Spindel said.
The dozens of Jewish video chat users, who had logged on from around the country to listen to a presentation by the Canada Antisemitism Education Foundation, appeared to have had their webinar hacked.
“The screen was suddenly taken over,” Spindel said. “Then there were unpleasant voice messages and sounds. We thought we heard Hitlerian marching music in the background, which made everyone really shudder. People were dumbfounded, I thought I heard somebody crying.”
“Somebody yelled ‘Seig Heil’ and then we saw pornography at that point and then we all shut down.”
“It was absolutely disgusting and revolting,” Michael Mostyn, the CEO for B’nai Brith Canada, said.
“We had heard about activities taking place in other parts of the world, but this is the first instance we’re aware of where a specific Jewish group was targeted for antisemitism in this way,” Mostyn added.
The webinar organizers were using Zoom for the online presentation — a video conferencing platform that has become a popular target for hackers, in a trend that is now called “Zoombombing.”
“It’s opportunistic and it happens all over the world,” cyber security expert Rob Howes said.
“Often times, companies don’t spend enough time on security,” added Howes. “They want to put a lot of features to market, and this has been a criticism of Zoom for quite some time — where they’re more concerned about functionality for the user than they are about security.”
Howes adds that the self-isolation required during the COVID-19 pandemic has led to a surge in people using online video conferencing to do their jobs or socialize, which has made more people vulnerable to these kinds of cyber attacks.
“When you have a situation when everyone has gone from a corporate environment with a protected network to now working from home, generally what hackers will do is they will try and attack the end point — which is the worker who is now at home,” said Howes.
Another online video conferencing app called Houseparty has also come under fire after reports of hackers breaking into private chats.
The company said it is investigating the allegations and added that it believes the “rumours” were party of a “paid commercial smear campaign.”
Houseparty is now offering a $1 million bounty for anyone who can provide proof of the alleged smear campaign.
We are investigating indications that the recent hacking rumors were spread by a paid commercial smear campaign to harm Houseparty. We are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign to firstname.lastname@example.org.
— Houseparty (@houseparty) March 31, 2020
Howes adds that when it comes to who bears the responsibility of keeping the lines of communication safe from hackers, it’s a combination of the corporation and the user.
“Corporations have an ethical responsibility to provide and build secure services and products on platforms for consumers and for other corporations,” Howes said, adding that there isn’t a lot of governance around companies being held accountable for securing their products from hackers.
He said that it’s also up to the video chat user to do their market research.
“As a user, generally speaking, they go online and search ‘video conferencing’ and they click on the first tool they see,” Howes said.
“That’s because a company has invested in a marketing solution which puts their product on epage one of Google search. That doesn’t mean it’s a good product.”
In a response to Global News, Zoom said they “are deeply upset to hear about the incidents involving this type of attack.”
The video conference company adds that it “encourages hosts to review their settings, confirm that only the host can share their screen, and utilize features like host mute controls and “Waiting Room.”
Spindel admits that her organization could’ve done more to make sure their online video chat attendees were protected from hackers.
“I wanted to get the message out to Jewish and non-Jewish organizations that they need to be better prepared than we were,” she said.
“Many people will be having family dinners online with Passover coming and I would hate to see this happen at a family event.”