Get All Access for $5/mo

Zoom's Security Pile-on Caused a Lawsuit - Are Microsoft, Cisco and Others Next? Zoom's popularity led to highly publicized cyber attacks, but other tech companies are equally vulnerable.

By Sam Curry Edited by Jessica Thomas

Opinions expressed by Entrepreneur contributors are their own.

LeoPatrizi | Getty Images

Zoom's popularity skyrocketed 20-fold in the last month, and along with it came a pile-on of criticism. Now the company is facing a lawsuit and is barred by some public and private entities. But does Zoom alone warrant this backlash? Would the hysteria be where it is today if Zoom didn't jump from 10 million users in December to more than 200 million in March? In our mass migration to work from home and growing reliance on virtual meeting platforms, we cannot overlook the ongoing security vulnerabilities facing all such tools.

The simple truth is vulnerabilities and flaws exist in every digital product and tool, videoconferencing included, and no software is impenetrable to hackers. To think differently would be foolish. Cyber security is very much a game of cat and mouse, with bad actors continuously looking for new ways to breach security and security teams constantly on the defense. No digital offering can ever be 100 percent secure.

Related: 6 Tricks You Need to Know About Zoom

So yes, Zoom's platform has vulnerabilities and some privacy issues. But these issues are not exclusive to this platform. To date, Zoom's hacks are either hoaxes or easily solved with simple setting changes. The widely reported "zoom-bombing" was made possible because of human flaws, not technical ones. There's certainly a case to be made for Zoom's security practices and an active approach to weeding out such issues, but it is equally plausible that hackers could find ways to penetrate meetings held on any other virtual meeting or video conferencing platform, Microsoft and Cisco included, perhaps with even greater success.

With pending litigation and mounting public scrutiny, Zoom's issues benefit its competitors, but it wouldn't be prudent to overlook the vulnerabilities within these competitors' platforms. They are not immune to the same problems.

Both Cisco and Microsoft have faced their own security issues in the past. Just last year, Microsoft uncovered a vulnerability in Teams that could be a vehicle for malware. The flaw disguised the malicious files as a program update, and any user that accepted that update prompt fell prey. One user recounted how they hacked WebEx a mere six months ago. There were also accounts of unauthorized users joining WebEx meetings, similar to the accounts we've seen about Zoom. These particular breaches, which flew under the radar, might have since been patched, but that does not mean that these services are now infallible. The ability to hack both of these platforms exists today, just in new forms.

Related: Were You Zoom-Bombed? Video of It May Now Be on YouTube, TikTok for All to See

Zoom's competitors have boasted of features designed to secure their respective platforms. From encryption to privacy, consumers are meant to feel secure with a laundry list of protective measures. And sure, they may be more secure. But they are certainly not wholly secure anywhere.

It is no coincidence that Zoom's security issues came to light during its boom in popularity, but the disproportionate hype and subsequent media attention far outweighed the severity of the issues. Hackers tend to gravitate towards actions that have widespread consequences. So inevitably, as Zoom's user base grew, so too did the attention from blackhat, whitehat and greyhat hackers. Breaching Zoom now means potentially impacting 200 million people as opposed to the 10 million users the platform notched earlier this year. Increased users lead to increased hacking activity, which will inevitably lead to the discovery of additional software flaws and vulnerabilities. Should hackers turn their attention towards Skype or WebEx, additional flaws will be uncovered there too.

Related: Eric Yuan Explains the 6 Simple Tactics He Used to Build Zoom Into a $20 Billion Business

Security issues are not erased by migrating from Zoom to WebEx; it simply dresses the problem in a new "outfit." If WebEx and Skype fail to actively combat the security flaws facing Zoom, they will likely fall victim to these hacks as well once they become more popular options with those working from home. Hopefully the security community will pile-on behind a company doing the right things as much or more than the pile-on around the issues.

For its part, Zoom has taken action to make its platform more secure, introducing enhancements to help meeting hosts manage secure meetings. Zoom should be lauded for the rate of improvement, rapid turnaround on discovered vulnerabilities and demonstration of its agility and focus on security hardening. In the cyber world of cat-and-mouse, this is what companies should look for in partners: transparency, honesty, focus on security and rate of improvement. Zoom has also announced a 90-day push to launch additional security and privacy steps at the same time it has scaled up 20 times its normal capacity. This isn't trivial and is a lot like changing the tires while still driving. As hackers become more creative about which platforms to hack and how, all online communication platforms must remain on high alert, maintain the agility to deal with cybersecurity issues as they arise and offer the public full transparency as they move to patch security loopholes.

Related: 4 Major Cybersecurity Risks of Working From Home

Sam Curry

Chief Security Officer at Cybereason

Sam Curry is CSO at Cybereason. He is a security visionary and thought leader and has been interviewed by dozens of journalists, has published broadly and has talked in media on security trends, threats and the impact of "cyber" on us all.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Business News

Mark Cuban Warns About Fake Fundraisers on Social Media After Assassination Attempt: 'Makes Things Worse'

Mark Cuban warned his followers about online grifters who try to capitalize on tragedy.

Business Culture

Want Engaged Employees? Act Like a Nanobubble

Nanobubbles revitalized Lake Elsinore by addressing its root problems, offering a metaphor for sustainable employee engagement.

Starting a Business

He Started an 'Accidental' Business at 25 With Just $2,000 — Then Gave His Product to the Pope: 'Anyone Can Be an Entrepreneur'

Michael Aram, founder of the namesake luxury home and jewelry brand, learned the art of metalworking in India — and used it to launch a global brand.