According to Rapid7, a provider of security risk intelligence solutions, thousands of video conferencing systems raise several security concerns and are vulnerable to hacking.
These security issues might become a big problem for companies that don’t take their video conferencing security serious since many remote conferences take place in corporate meeting rooms, where sensible information is discussed.
According to HD Moore, Rapid7 CSO and Chief Architect, “many of these [video conferencing systems] are naked on the internet.” He estimates that over 150,000 systems on the internet can be easily hacked into allowing intruders to listen to private conversations using the system’s microphone and watching the conference through the computer cameras.
In an interview, Moore has said that the biggest mistakes in corporate video conferencing are the auto-answer feature and deploying a video conference without being firewall protected. Moore also added that while many systems are protected behind a firewall, many of them cannot handle the H.323 protocol, leaving the system accessible to intruders.
Moore, while researching for systems vulnerabilities, has accessed video conferences which took place at boardrooms as well as law offices, venture capital firms and research facilities.
“Often, where video conferencing equipment gets located are the same places where the most sensitive meetings take place,” said Mike Tuchen, Chief Executive of Rapid7.
According to both Moore and Tuchen, stopping such attacks isn’t hard though it requires some technical know-how. One of the easiest ways of preventing spying is by disabling the auto-answer feature, they explained.
Another way might be looking for equipment that offers good security solutions and that it is easy to use and to monitor. With fully implemented security solutions, video conferencing appliances like RHUB Web conferencing appliance solution fully secure video conferencing meetings by barricading them behind firewalls and by using both SSL and proprietary encryptions.
No comments:
Post a Comment