Zoom's Security Pile-on Caused a Lawsuit - Are Microsoft, Cisco and Others Next?

Zoom's popularity led to highly publicized cyber attacks, but other tech companies are equally vulnerable.

learn more about Sam Curry

By Sam Curry

LeoPatrizi | Getty Images

Opinions expressed by Entrepreneur contributors are their own.

Zoom's popularity skyrocketed 20-fold in the last month, and along with it came a pile-on of criticism. Now the company is facing a lawsuit and is barred by some public and private entities. But does Zoom alone warrant this backlash? Would the hysteria be where it is today if Zoom didn't jump from 10 million users in December to more than 200 million in March? In our mass migration to work from home and growing reliance on virtual meeting platforms, we cannot overlook the ongoing security vulnerabilities facing all such tools.

The simple truth is vulnerabilities and flaws exist in every digital product and tool, videoconferencing included, and no software is impenetrable to hackers. To think differently would be foolish. Cyber security is very much a game of cat and mouse, with bad actors continuously looking for new ways to breach security and security teams constantly on the defense. No digital offering can ever be 100 percent secure.

Related: 6 Tricks You Need to Know About Zoom

So yes, Zoom's platform has vulnerabilities and some privacy issues. But these issues are not exclusive to this platform. To date, Zoom's hacks are either hoaxes or easily solved with simple setting changes. The widely reported "zoom-bombing" was made possible because of human flaws, not technical ones. There's certainly a case to be made for Zoom's security practices and an active approach to weeding out such issues, but it is equally plausible that hackers could find ways to penetrate meetings held on any other virtual meeting or video conferencing platform, Microsoft and Cisco included, perhaps with even greater success.

With pending litigation and mounting public scrutiny, Zoom's issues benefit its competitors, but it wouldn't be prudent to overlook the vulnerabilities within these competitors' platforms. They are not immune to the same problems.

Both Cisco and Microsoft have faced their own security issues in the past. Just last year, Microsoft uncovered a vulnerability in Teams that could be a vehicle for malware. The flaw disguised the malicious files as a program update, and any user that accepted that update prompt fell prey. One user recounted how they hacked WebEx a mere six months ago. There were also accounts of unauthorized users joining WebEx meetings, similar to the accounts we've seen about Zoom. These particular breaches, which flew under the radar, might have since been patched, but that does not mean that these services are now infallible. The ability to hack both of these platforms exists today, just in new forms.

Related: Were You Zoom-Bombed? Video of It May Now Be on YouTube, TikTok for All to See

Zoom's competitors have boasted of features designed to secure their respective platforms. From encryption to privacy, consumers are meant to feel secure with a laundry list of protective measures. And sure, they may be more secure. But they are certainly not wholly secure anywhere.

It is no coincidence that Zoom's security issues came to light during its boom in popularity, but the disproportionate hype and subsequent media attention far outweighed the severity of the issues. Hackers tend to gravitate towards actions that have widespread consequences. So inevitably, as Zoom's user base grew, so too did the attention from blackhat, whitehat and greyhat hackers. Breaching Zoom now means potentially impacting 200 million people as opposed to the 10 million users the platform notched earlier this year. Increased users lead to increased hacking activity, which will inevitably lead to the discovery of additional software flaws and vulnerabilities. Should hackers turn their attention towards Skype or WebEx, additional flaws will be uncovered there too.

Related: Eric Yuan Explains the 6 Simple Tactics He Used to Build Zoom Into a $20 Billion Business

Security issues are not erased by migrating from Zoom to WebEx; it simply dresses the problem in a new "outfit." If WebEx and Skype fail to actively combat the security flaws facing Zoom, they will likely fall victim to these hacks as well once they become more popular options with those working from home. Hopefully the security community will pile-on behind a company doing the right things as much or more than the pile-on around the issues.

For its part, Zoom has taken action to make its platform more secure, introducing enhancements to help meeting hosts manage secure meetings. Zoom should be lauded for the rate of improvement, rapid turnaround on discovered vulnerabilities and demonstration of its agility and focus on security hardening. In the cyber world of cat-and-mouse, this is what companies should look for in partners: transparency, honesty, focus on security and rate of improvement. Zoom has also announced a 90-day push to launch additional security and privacy steps at the same time it has scaled up 20 times its normal capacity. This isn't trivial and is a lot like changing the tires while still driving. As hackers become more creative about which platforms to hack and how, all online communication platforms must remain on high alert, maintain the agility to deal with cybersecurity issues as they arise and offer the public full transparency as they move to patch security loopholes.

Related: 4 Major Cybersecurity Risks of Working From Home

Sam Curry

Chief Security Officer at Cybereason

Sam Curry is CSO at Cybereason. He is a security visionary and thought leader and has been interviewed by dozens of journalists, has published broadly and has talked in media on security trends, threats and the impact of "cyber" on us all.

Related Topics

Editor's Pick

Have More Responsibilities at Work, But No Pay Bump? Use This Script to Get the Raise You Deserve.
Black and Asian Founders Face Opposition at All Levels — Here's Why That Has to Change
Personal Finance

8 Fun and Fulfilling Ways to Retire by Age 50

Early retirement is a real option that more people are pursuing. You can do this if you are willing to work hard.

Thought Leaders

5 Small Daily Habits Self-Made Millionaires Use to Grow Their Wealth

We've all seen what self-made millionaires look like on TV, but it's a lot more subtle than that. Brian Tracy researched what small daily habits these successful entrepreneurs adopted on their journey from rags to riches.

Living

Invest in Yourself: 10 Things Every Working Woman Should Do This Year

When striving for success, it is easy to forget about your mental and physical health. But without health, you cannot fully succeed. Follow these ten lifestyle strategies for success in your personal and professional life.

Marketing

6 Ways to Wring All the Value from Your Earned Media Coverage

Press coverage can help your brand gain visibility and increase credibility — but not if no one sees it. What can you do to get more value from the media placements you've worked so hard to earn?

Growing a Business

The Best Way to Run a Business Meeting

All too often, meetings run longer than they should and fail to keep attendees engaged. Here's how to run a meeting the right way.