With COVID-19 affecting most everyone in our nation in some way or another, video conferencing software has been utilized by many during this time of crisis. Most recently, some security analysts found data for over 500 million Zoom accounts on the dark web. Most of these credentials were harvested from other data breaches across many different organizations and applications. These credentials were then “stuffed” into the Zoom login page to determine if these credentials were still valid credentials for users on the Zoom platform. This resulted in the list of over 500 million accounts, passwords, and other user data from the Zoom data breach to be dumped on the dark web. Some of these accounts were given away for free on these sites to promote “Zoom Bombing pranks” and other “malicious activity” on the virtual meetings. Others were sold for less than a penny for a few hundred thousand accounts.
Credential Stuffing
This method of “credential stuffing” is fairly common practice in the threat actor ecosystem, since they can gather thousands of known good credentials from a single breach and try to see if any of those users also used them on other platforms. Therefore, NEVER re-use any password from one site on another site to prevent this type of attack.
With the current state of the world and everyone working from home, security must be at the forefront to keep data secure. At the very least, you should be checking https://haveibeenpwned.com/ every six months to see if any of your emails or passwords have been released on the dark web. A better solution is to set up a password manager that can store each “unique” credential securely, so you don’t have any duplicated passwords, plus some of these will check the “haveibeenpwned” database automatically and alert you to known compromised credentials.
Multi-Factor Authentication
Finally, if the service or platform allows it, set up two-factor or multi-factor authentication on your account. This process follows the model of: knowledge, inherence, and possession. This allows for a more secure account since you will also now need that third piece of authentication, usually a mobile device (possession), in addition to your username (inherence), and password (knowledge) to get successfully logged into the account.
Do you already have your email on Microsoft Office365? Sikich offers Microsoft Teams as a Secure platform for Collaboration and Video Conferencing. Teams is on most Office365 Business or Enterprise subscriptions, and you can start using it today. Default settings need some modifications to create a secure environment, including setting up MFA for each of your users, and either enabling or disabling Guest Access to teams in the organization. I have been involved in many Teams tenant configurations and presented numerous Teams Training sessions with clients and end-users alike to highlight all the features of the platform.
Contact Sikich to work with a well-known trusted Microsoft partner to unlock the full potential of Microsoft Teams to secure your communications today!
