Deeming it unsafe, Ministry of Home Affairs (MHA) has asked government officials not to use Zoom video meet app for holding meetings. The software of the app is said to be made in China and it is believed that some calls are routed through the country.
The US-based Zoom app, according to the government, can be easily hacked and confidential data and material stolen. While the government officials have been asked not to use Zoom or any other third-party app, the Cyber Coordination (CyCord) Centre of MHA has issued a detailed advisory for private individuals who want to use the platform for private purposes.
Since the lockdown began, many people, including in the government, have taken to using Zoom for video conference calls. Defence Minister Rajnath Singh and BJP president J.P. Nadda have been holding virtual meetings through Zoom. They have all been advised not to use any third party app but only the indigenously developed National Informatics Centre (NIC) platform for official and government video-conferences.
With millions of people working from home due to Covid-19 pandemic, holding company meetings, educational institutions holding online classes, the users of Zoom went from 15 million to 200 million in a matter of days. The Congress party has also been holding all its press interactions on the platform. However, ‘Zoombombing’ has become a nuisance since uninvited members manage to join in the meetings.
The MHA has red-flagged the platform following advisories issued by the national cyber-security agency – Computer Emergency Response Team of India (CERT-in). Though the advisories were issued on February 6 and March 30, the app continued to be in use. The CERT-in advisories had cautioned against the vulnerability of the app.
Its March 30 advisory, CERT-in said: “Zoom is a popular video conferencing platform. Insecure usage of the platform may allow cyber criminals to access sensitive information such as meeting details and conversations.” It asked users to set strong passwords and enable the “waiting room” feature so that call managers could have a better control over the participants.
In its advisory for private individuals, who wish to use Zoom, the MHA has issued detailed guidelines to prevent unauthorized entry in the conference room, to prevent an unauthorized participant to carry out malicious activity on the terminals of others and avoiding DOS attack by restricting users through passwords and access grant. A DOS (denial-of-service) attack is done by hackers to make a machine or network resource unavailable to its intended user (s).