Zoom's Security Pile-on Caused a Lawsuit - Are Microsoft, Cisco and Others Next?

Zoom's popularity led to highly publicized cyber attacks, but other tech companies are equally vulnerable.

learn more about Sam Curry

By Sam Curry

LeoPatrizi | Getty Images

Opinions expressed by Entrepreneur contributors are their own.

Zoom's popularity skyrocketed 20-fold in the last month, and along with it came a pile-on of criticism. Now the company is facing a lawsuit and is barred by some public and private entities. But does Zoom alone warrant this backlash? Would the hysteria be where it is today if Zoom didn't jump from 10 million users in December to more than 200 million in March? In our mass migration to work from home and growing reliance on virtual meeting platforms, we cannot overlook the ongoing security vulnerabilities facing all such tools.

The simple truth is vulnerabilities and flaws exist in every digital product and tool, videoconferencing included, and no software is impenetrable to hackers. To think differently would be foolish. Cyber security is very much a game of cat and mouse, with bad actors continuously looking for new ways to breach security and security teams constantly on the defense. No digital offering can ever be 100 percent secure.

Related: 6 Tricks You Need to Know About Zoom

So yes, Zoom's platform has vulnerabilities and some privacy issues. But these issues are not exclusive to this platform. To date, Zoom's hacks are either hoaxes or easily solved with simple setting changes. The widely reported "zoom-bombing" was made possible because of human flaws, not technical ones. There's certainly a case to be made for Zoom's security practices and an active approach to weeding out such issues, but it is equally plausible that hackers could find ways to penetrate meetings held on any other virtual meeting or video conferencing platform, Microsoft and Cisco included, perhaps with even greater success.

With pending litigation and mounting public scrutiny, Zoom's issues benefit its competitors, but it wouldn't be prudent to overlook the vulnerabilities within these competitors' platforms. They are not immune to the same problems.

Both Cisco and Microsoft have faced their own security issues in the past. Just last year, Microsoft uncovered a vulnerability in Teams that could be a vehicle for malware. The flaw disguised the malicious files as a program update, and any user that accepted that update prompt fell prey. One user recounted how they hacked WebEx a mere six months ago. There were also accounts of unauthorized users joining WebEx meetings, similar to the accounts we've seen about Zoom. These particular breaches, which flew under the radar, might have since been patched, but that does not mean that these services are now infallible. The ability to hack both of these platforms exists today, just in new forms.

Related: Were You Zoom-Bombed? Video of It May Now Be on YouTube, TikTok for All to See

Zoom's competitors have boasted of features designed to secure their respective platforms. From encryption to privacy, consumers are meant to feel secure with a laundry list of protective measures. And sure, they may be more secure. But they are certainly not wholly secure anywhere.

It is no coincidence that Zoom's security issues came to light during its boom in popularity, but the disproportionate hype and subsequent media attention far outweighed the severity of the issues. Hackers tend to gravitate towards actions that have widespread consequences. So inevitably, as Zoom's user base grew, so too did the attention from blackhat, whitehat and greyhat hackers. Breaching Zoom now means potentially impacting 200 million people as opposed to the 10 million users the platform notched earlier this year. Increased users lead to increased hacking activity, which will inevitably lead to the discovery of additional software flaws and vulnerabilities. Should hackers turn their attention towards Skype or WebEx, additional flaws will be uncovered there too.

Related: Eric Yuan Explains the 6 Simple Tactics He Used to Build Zoom Into a $20 Billion Business

Security issues are not erased by migrating from Zoom to WebEx; it simply dresses the problem in a new "outfit." If WebEx and Skype fail to actively combat the security flaws facing Zoom, they will likely fall victim to these hacks as well once they become more popular options with those working from home. Hopefully the security community will pile-on behind a company doing the right things as much or more than the pile-on around the issues.

For its part, Zoom has taken action to make its platform more secure, introducing enhancements to help meeting hosts manage secure meetings. Zoom should be lauded for the rate of improvement, rapid turnaround on discovered vulnerabilities and demonstration of its agility and focus on security hardening. In the cyber world of cat-and-mouse, this is what companies should look for in partners: transparency, honesty, focus on security and rate of improvement. Zoom has also announced a 90-day push to launch additional security and privacy steps at the same time it has scaled up 20 times its normal capacity. This isn't trivial and is a lot like changing the tires while still driving. As hackers become more creative about which platforms to hack and how, all online communication platforms must remain on high alert, maintain the agility to deal with cybersecurity issues as they arise and offer the public full transparency as they move to patch security loopholes.

Related: 4 Major Cybersecurity Risks of Working From Home

Sam Curry

Chief Security Officer at Cybereason

Sam Curry is CSO at Cybereason. He is a security visionary and thought leader and has been interviewed by dozens of journalists, has published broadly and has talked in media on security trends, threats and the impact of "cyber" on us all.

Related Topics

Editor's Pick

Everyone Wants to Get Close to Their Favorite Artist. Here's the Technology Making It a Reality — But Better.
The Highest-Paid, Highest-Profile People in Every Field Know This Communication Strategy
After Early Rejection From Publishers, This Author Self-Published Her Book and Sold More Than 500,000 Copies. Here's How She Did It.
Having Trouble Speaking Up in Meetings? Try This Strategy.
He Names Brands for Amazon, Meta and Forever 21, and Says This Is the Big Blank Space in the Naming Game

How to Detect a Liar in Seconds Using Nonverbal Communication

There are many ways to understand if someone is not honest with you. The following signs do not even require words and are all nonverbal queues.

Business News

American Airlines Sued After Teen Dies of Heart Attack Onboard Flight to Miami

Kevin Greenridge was traveling from Honduras to Miami on June 4, 2022, on AA Flight 614 when he went into cardiac arrest and became unconscious mid-flight.

Business News

Would You Buy Maggie Murdaugh's Monogrammed Snake Print Pillows? Items From the Murdaugh Family Home Are Going Up for Auction

The sale comes just weeks after Alex Murdaugh was sentenced to two consecutive life terms for the June 2021 murders of his wife, Maggie Murdaugh, and son Paul Murdaugh.


After Early Rejection From Publishers, This Author Self-Published Her Book and Sold More Than 500,000 Copies. Here's How She Did It.

Author Karen Inglis breaks down the strategies and tactics you need to generate awareness and sales for your self-published book.

Business News

These Are the Most and Least Affordable Places to Retire in The U.S.

The Northeast and West Coast are the least affordable, while areas in the Mountain State region tend to be ideal for retirees on a budget.


Alternatives to Layoffs in Tech: Maintaining a Stable Workforce

Layoffs are not always the best option and can often be detrimental to the organization as a whole. Companies can keep a steady workforce while still controlling expenses and adapting to market changes by thinking about possible alternatives to layoffs.