Follow Us

Just as quickly as Zoom’s user base increased in size, cybersecurity experts and users across the world revealed multiple serious security gaps and vulnerabilities. Most notable are the concerns in Zoom’s infrastructure, specifically the transmission of meeting encryption keys through China.

Based on our research, we assess that Zoom’s software development is still in a stage of rapid development — its trial by fire. Although most vulnerabilities have been fixed, this trial by fire clearly shows that Zoom is still developing its platform and security practices. Vulnerabilities are still prone to occur.

We strongly recommend to not use Zoom for highly-confidential or private communication, especially for:

While these and other organizations have banned or put restrictions on Zoom, it still remains one of the most commonly used apps in the world. Is the latest release of Zoom 5.0 secure? Well, it’s more secure than Zoom 4.0 and is becoming more and more secure with each week; however, you, the individual user, and your meeting participants will have to decide what level of security you are all comfortable with.

This means Chinese authorities could ask Zoom to reveal these encryption keys, and Zoom would have to comply. Although this is in the realm of possibility, no evidence has been shown that authorities in China or any other nation-state have obtained encryption keys to Zoom meetings, nor has Zoom produced a transparency report regarding this.

Zoom has publicly promised to release such a report by July 1, 2020 (or within 90 days of April 2nd).

“A myriad of unexpected ways”?

And the world has indeed seen a myriad of unexpected ways Zoom security has failed. Based on our research, Zoom core development had security issues embedded in its core design, so more vulnerabilities (and more patches) are expected in the future. Security should never be sacrificed for the sack of usability.

Despite the increasing myriad of unexpected security issues (and patches) with Zoom, the video conferencing app is one of the most popular ways people are keeping in touch with one another. With its almost frictionless UI (and now Snapchat filter integration), it’s no wonder why Zoom has quickly become one of the most used apps in the world.

Zoom could one day be the most secure video conferencing app in the world if they’re able to continue to survive their current trial by fire, maintain their market lead in a post-pandemic environment, and escape growing mistrust of business practices. (Consistently using the common definitions of technical terms would be a great place to start.)

Their publicly promised transparency report (due before July 1st) should give more light to the direction Zoom plans to take in a post-pandemic market.

Whatever Zoom’s fate, this trial by fire has clearly demonstrated the need for proper security vetting in not just video conferencing apps but all software. Popularity does not equal security, nor is ease-of-use an acceptable trade-off for privacy. Stay safe, and stay smart.

When you join CyCraft, you will be in good company. CyCraft secures government agencies, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, and SMEs.

We power SOCs with our proprietary and award-winning AI-driven MDR (managed detection and response), SOC (security operations center) operations software, TI (threat intelligence), Health Check, automated forensics, and IR (incident response), and Secure From Home services.

Related posts:

Cities need to be an economic hub for growth, but when more people leave rural areas and flock to cities, infrastructure and hundreds of other elements suffer. Smart cities can help with more easily…

The pie chart is the most common visualization technique used for visualizing part of whole relationships. In other words, these types of charts are useful for showing proportions. However, treemap…

Although weight loss surgery can be one of the most effective ways to lose weight, it’s not always an option. Serenity Medical Care clinic offers non-invasive weight loss procedures to help you reach…