Boris Johnson’s Cabinet meeting could be HACKED as EU refuses to use video conferencing

Cyber security experts have warned video conferencing apps such as Zoom and Skype could be vulnerable to hackers. The UK Government has been using the Windows version of Zoom to carry out remote Cabinet meetings during the coronavirus pandemic, but the app is feared to have security flaws. The European Commission has so far banned the use of publicly available videoconferencing apps, including Zoom, as they do not meet its security criteria.

Commission president Ursula von der Leyen has expressed reservations of using off-the-shelf video applications and is understood to have ordered officials not to use software such as Zoom.

Her chief spokesman said: “Many of these are not secure enough according to our criteria.

“It’s not as if we can suddenly take something and use it like that.”

But Boris Johnson’s Cabinet has been using the Zoom videoconferencing app to facilitate its meeting.

Zoom has seen a surge in popularity during the coronavirus pandemic, as people look for ways to keep in touch while working from home.

The app has been used across the world by businesses, families and friends wanting to connect while under lockdown.

Last week the Prime Minister shared a picture of a Cabinet Zoom meeting to Twitter, which included the ID number and names of participants.

Those in attendance included key figures in Britain’s coronavirus response, such as Health Secretary Matt Hancock, England’s Chief Medical Officer Chris Whitty and the Chancellor of the Duchy of Lancaster Michael Gove.

JUST IN: Smoke seen rising above London’s Nightingale Hospital at ExCeL centre

Cyber security experts have warned that those using the Windows version of Zoom are at risk of inadvertently handing over access to their Microsoft Outlook inbox or Sharepoint document storage system.

Matthew Hickey, founder of Hacker House, said: “The screen shot shows that the Digital Cabinet is using the Microsoft client version of Zoom, which can be exploited by an attacker to potentially gather credentials to use in further attacks through use of UNC paths as links in a chat.”

UNC paths are used by computer systems to identify servers, printers and other resources in a network, and appear as double slashes or backslashes.

Mr Hickey added: “An attacker could seek to exploit the participants of a meeting they join to gain unauthorised access to services such as Outlook webmail, Microsoft Sharepoint and others by clicking on such a link.”

Dominic Raab admits ‘shock’ at Boris Johnson coronavirus development [VIDEO]
The Queen’s touching tribute as Boris Johnson battles coronavirus [INSIGHT]
Stricter coronavirus lockdown in UK could simply DELAY peak [ANALYSIS]

He warned if the host of a Zoom meeting does not secure it with a password, anyone with the link can enter the stream and send the link to other people.

The Cabinet Meeting was protected with a password.

Zoom has come under fire for not providing end-to-end encryption to protect the privacy of its users during video meetings.

The company also admitted to sharing user data with Facebook through its “Login with Facebook” feature for iPhone and iPad users, but this has since been discontinued.

The app has also seen a surge in “Zoombombing”, where hackers hijack Zoom video calls and take over the screen, sometimes showing pornography of other objectionable material.

Children’s online school classes, Alcoholics Anonymous meetings, church services and private business calls have all been targeted so far.

Zoom’s CEO Eric Yuan has apologised to users and insisted the video-call company was making drastic changes to prevent this abuse.

Mr Yuan said in a blog post: “We recognise that we have fallen short of the community’s — and our own — privacy and security expectations.

“For that, I am deeply sorry.”

From Monday, the app requires passwords to enter all calls via Meeting ID.

Zoom has also changed virtual waiting rooms to be on by default so hosts have to manually admit attendees before they join a call.

A spokesperson for the UK’s Information Commissioner’s Office said it was “considering various concerns that have been raised regarding video conferencing apps”.

Source: Read Full Article