[Moller_L2] FW: Zoom Meeting Incidents and Protection

James Fast jfast at jlab.org
Tue May 16 17:29:45 EDT 2023 

Folks,
Just a reminder about use of JLab Zoom connections….

James Fast
MOLLER Project Manager
EICPP Project Manager
Jefferson Lab
757-230-6833 (cell)
757-269-5324 (office)


From: JLab CST Division <JLab_IT-Division at jlab.org>
Date: Tuesday, May 16, 2023 at 2:22 PM
To: James Fast <jfast at jlab.org>
Subject: Zoom Meeting Incidents and Protection
JLab CST Division
<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D42abd080b6-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=zx4TGyFi_Syxc6MvV24Nyy5xlV_yGbtu1056pCyNkqM&e=><https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D42abd080b6-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=zx4TGyFi_Syxc6MvV24Nyy5xlV_yGbtu1056pCyNkqM&e=>
INTERNAL MEMO


May 16, 2023
Sent on behalf of the CST Division

SUBJECT:  Zoom Meeting Incidents and Protection
CONTACT:  CST Division Help Desk, helpdesk at jlab.org, x7155.

Zoom has notified Jefferson Lab that they have detected potential audioconferencing fraud associated with meetings on the laboratory’s Zoom account.  Zoom initially reported it as suspected compromised accounts.  However, after further investigation it seems to be the result of meeting URLs and connection information being posted on publicly available websites (wikis, Indico, web pages, etc.).

These meetings were typically recurring meetings that did not require the use of the waiting room, allowed people to connect to the meeting at any time, and allowed anyone in the meeting to make outgoing telephone calls. The compromised meetings were used by people not affiliated with Jefferson Lab to make spam telephone calls, hold their own meetings, listen in on Jefferson Lab meetings, etc.

As a result, Zoom made some configuration changes to the meetings that were identified as compromised and to other meetings there were created by the same users that created the compromised meetings.  The configuration changed include:

  *   Turning on the “Waiting Room” feature
     *   Hosts (meeting creators) must admit attendees into the meeting
Co-Hosts can be assigned to help with admitting attendees in the “Waiting Room” after the meeting has started
  *   Turning off "Call Me and Invite by Phone"
     *   Cannot make outgoing phone calls from the meeting
  *   Limiting meeting times to the time of the meeting
     *   Attendees cannot connect to and use the meeting prior to the defined meeting time
As a reminder, please secure your meeting connection information and do not post it on publicly available websites.  Connection information can be emailed to participants or posted on web pages that require a login to access.

Taking such steps to protect your meeting connection information will help to keep our Zoom subscription and meetings working as expected.  Please adhere the following precautions to protect yourself and your meetings:

  1.  Only share the meeting details with those that have a need-to-know.  Especially the meeting URL, ID and the meeting password.
  2.  Only provide connection information to participants via a directed email or posted on web pages that requires a login to access.
  3.  When creating a meeting, require a password to enter the meeting and protect the distribution of the password.
     *   Use passwords of at least moderate complexity
     *   Don’t reuse meeting passwords
     *   Don’t post meeting passwords on open websites or open mailing lists
  4.  Use the Waiting Room feature to control when an attendee joins the meeting.
  5.  Limit the time of the meeting so that attendees cannot connect before or after the meeting.
For more information on ways to secure your Zoom meetings, review the Best Practices for Securing Your Zoom Meetings<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D0860ff4ab8-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=oLgD6P_8DbpE0aX_DZe4fYtBQSED5LRvTEDJV0Iy-40&e=>. Additional information about securing videoconferencing meetings can be found here<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D5bf81ba646-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=QxPovdSnjZKWdPm73asAKgkj4oAsoQBEOS82PFp_4pA&e=>. Taking such steps to protect your meeting connection information will help to keep our Zoom subscription and meetings working as expected.

There are also additional Zoom resources that will help you make the most of this valuable work tool. These include:

  *   Zoom Training Material<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D227c8d8a18-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=IBuU4YhFZzNtYogPBUaOgsXVYPDlU0aj5_8Yi29E1so&e=>.
  *   Zoom Support<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3Db62b7c9052-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=s8JtmdnF0V8nCzoLhpKjEoXP8oqtvLnxU0LtSvm2d08&e=>.
  *   Jefferson Lab ServiceNow Knowledgebase: Zoom<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_track_click-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3Dbb8275df64-26e-3D5f41f7f70c&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=XEZmOfKpQkR-0H4UQdNTpW9f7t9Cga177KU7cVdZ8Xs&e=>.
If you need assistance with Jefferson lab computing issues, please email the CST Division Help Desk at helpdesk at jlab.org.
12000 JEFFERSON AVENUE • NEWPORT NEWS, VA 23606 • USA • WWW.JLAB.ORG






This email was sent to jfast at jlab.org<mailto:jfast at jlab.org>
why did I get this?<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_about-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D141c5c2170-26e-3D5f41f7f70c-26c-3D52b71fa5a2&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=jcpL7r9xw2YL_CGFORya760GTYTzNhM-IjREPediIZA&e=>    unsubscribe from this list<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_unsubscribe-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D141c5c2170-26e-3D5f41f7f70c-26c-3D52b71fa5a2&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=MtTRMxd6gk6u5hXkXecABCP_M3kBGClgoj5IjmqICw0&e=>    update subscription preferences<https://urldefense.proofpoint.com/v2/url?u=https-3A__jlab.us11.list-2Dmanage.com_profile-3Fu-3D1de9c43e6d5e45ff0ecd664cd-26id-3D141c5c2170-26e-3D5f41f7f70c-26c-3D52b71fa5a2&d=DwMFaQ&c=CJqEzB1piLOyyvZjb8YUQw&r=tiz8CevYk4g0CbBFxAIdgA&m=b92qvXIvrF2aTo4OHgZRdxdRupF3YjzHlMES6Hq_m9ykfryiwBSrE9s6fFcDkdt4&s=HeUJ6SfvJXTRSnW9xKlOiVAsYlWYZ9lYZufEixN1r9Q&e=>
Jefferson Lab IT Division · 12000 Jefferson Ave. Suite 15 · Newport News, VA 23606 · USA

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.jlab.org/pipermail/moller_l2/attachments/20230516/c53ea5c2/attachment-0001.html>

More information about the Moller_L2 mailing list