Estimated reading time: 1 minute, 46 seconds

How Zoom’s COVID-19 Spotlight Exposed Cybersecurity Flaws

The video conferencing app Zoom was a rare business success story as the coronavirus pandemic upended daily life, but where cybersecurity is concerned, it may end up as a cautionary tale.

video conference 2766604 640smallZoom has been a go-to for people physically isolating themselves to slow the spread of COVID-19. Since March 18, Zoom’s daily app downloads have been 30 times higher than last year, making it the top free iPhone app in America, as CNBC reports. The app maker said it had 200 million daily users in March, versus just 10 million in December.

But Zoom has also been rocked with security concerns. First came reports of “Zoombombing,” when trolls hijack public Zoom calls and use the screen-sharing feature to display graphic content. Then, a report that Zoom was sending analytics data to Facebook led the service to update its iOS app.

From there, Zoom’s cybersecurity issues became legal and public relations issues. A class-action suit alleged that it shared personal data with third parties without proper consent. New York’s attorney general fired off a letter to Zoom asking about its privacy practices. School districts in a few of the nation’s biggest cities have banned the use of Zoom for remote learning.

Taiwan has forbidden government use of the service. And, Sen. Michael Bennet (D-Colo.) has sent Zoom a critical letter of his own. Personal details of users’ Zoom accounts have reportedly shown up for sale on the dark web. Zoom has even acknowledged that some calls were erroneously routed through China.

Zoom may yet emerge as a different kind of success story: a case study in how to respond to a cybersecurity fiasco. Founder Eric Yuan has repeatedly apologized and promised fixes. He announced a 90-day moratorium on new features so the company can concentrate on privacy concerns. Like Google, Facebook and Twitter, Zoom also plans to start releasing a transparency report.

“It’s a rare case of a company acknowledging their problems, admitting they made mistakes and misleading statements, and laying out concrete steps to fix it," Gennie Gebhart, associate director of research at the Electronic Frontier Foundation digital rights group, told The Washington Post,

Read 4635 times
Rate this item
(0 votes)

Visit other PMG Sites: