Foreign intelligence agents are using online platforms and videoconferencing apps to spy on Americans, TIME reported, citing several US intelligence officials.
Chinese spies, in particular, have exploited the coronavirus pandemic to get information about American companies as they take their operations digital and offices across the US shut down amid stay-at-home orders.
The video conferencing app Zoom has proven particularly susceptible to cyber intrusions because of its popularity — Zoom’s CEO said the number of people using the app jumped from 10 million in December to 200 million in March — and lack of encryption.
Hackers targeting the platform, dubbed “Zoombombers,” have disrupted events like doctoral dissertations, Sunday school, city council meetings, online classes at universities, and Alcoholics Anonymous meetings.
Even the FBI weighed in on the matter, warning schools, in particular, to be wary of hackers infiltrating online meetings and calls to post pornographic imagery and hate speech.
Now, TIME reported, Zoom is becoming a playground for foreign spies, as operatives from countries like Russia, China, Iran, and North Korea target Americans’ video chats.
“More than anyone else, the Chinese are interested in what American companies are doing,” one official told the outlet.
Zoom, moreover, is more vulnerable to intrusion by Chinese cyberspies because some of its encryption keys are routed through Chinese servers, according to a report this month from The Citizen Lab, a research group at the University of Toronto.
The report also found that Zoom owns three companies in China, at which at least 700 employees are paid to develop Zoom’s software.
“This arrangement is ostensibly an effort at labor arbitrage: Zoom can avoid paying US wages while selling to US customers, thus increasing their profit margin. However, this arrangement may make Zoom responsive to pressure from Chinese authorities,” the report said.
Indeed, the coronavirus pandemic is a blessing in disguise for intelligence agencies in China, Russia, Iran, North Korea, and other rogue regimes, many of whom have adapted to using cyberwarfare to carry out their objectives.
As people across the world are forced to stay home and work remotely, they’re increasingly vulnerable to cyberattacks and disinformation — two tools that are more useful than ever to foreign spies.
These methods are also cheaper to employ and require less financial investment than traditional methods of intelligence gathering, giving countries like China and Russia a leg-up as they compete against more financially stable countries like the US.
Zoom, for its part, has said it will work to enhance its security over the coming months.
“For the past several weeks, supporting this influx of users has been a tremendous undertaking and our sole focus,” Zoom’s CEO, Eric Yuan, wrote in a blog post. “However, we recognize that we have fallen short of the community’s — and our own — privacy and security expectations.”
Yuan announced that the company will freeze its feature updates for 90 days while it addresses privacy and security issues. He said Zoom will also conduct a “comprehensive review with third-party experts” to ensure it’s taking the necessary steps to protect user privacy.
In the meanwhile, several US lawmakers have called for investigations into Zoom’s security, and some state attorneys general are examining the matter as well.