[civicsquid]

> We were a victim of a teleconference or Zoom hijacking and we are trying to understand what we need to do going forward to prevent this from ever happening again

I don't know if there are more details elsewhere, but I feel like a solution here is to not host the meeting in such a way that allows others to share anything (or at least only allow authorized users to join)? Although I would think that a 'broadcast' of the meeting followed by text-based follow-ups from people not physically present would be an even better system.

Maybe there are more requirements that I don't know about.

[chongli]

I think what likely happened is that the zoom call was started by a non-technical person who didn’t realize how to properly configure the permissions on the meeting. So once the meeting got started it turned out anyone had permission to share their screen and hijack the call with whatever they wanted to show.

[acomjean]

I use zoom for a couple groups I'm park of. It's actually hard to set screen sharing on by default. To the point where if I use the link I sent out to join not as the meeting organizer, I have to leave and come back before anyone can share. My work zoom link gets around this restriction..

The fact that zoom full screens any share makes this worse.

At this point most organizations should have someone adept enough to boot misbehavior. It's a little tricky.

[theshrike79]

Zoom specifically has a mode for this. I've been in Zoom meetings with C-level staff and 2k+ people listening in.

The people viewing couldn't turn on their cameras or microphones. They could only listen and present questions in a moderated chat channel.

[Gigachad]

Hold the meetings in person. Zoom has been a disaster for collaboration. If people try to bomb your in person meetings you can have the police arrest them for trespass.