Why it matters: With an unprecedented number of people working, schooling, and socializing from home, there are a lot more victims for cybercriminals to target. However, even playing a seemingly harmless prank on unsuspecting victims can result in fines and prison time under the Computer Fraud and Abuse Act.
Federal prosecutors have put pranksters and hackers on notice: If you are thinking about "Zoom bombing" — don't. Zoom bombing is where someone barges in on a video conference and displays porn or some other disruptive content. According to the Department of Justice, such acts are a federal offense and subject to harsh fines and imprisonment.
"You think Zoom bombing is funny? Let's see how funny it is after you get arrested," Matthew Schneider, US Attorney for the Eastern District of Michigan, said in a DoJ press release. "If you interfere with a teleconference or public meeting in Michigan, you could have federal, state, or local law enforcement knocking at your door."
The warning comes as the Zoom video conferencing app has exploded in popularity. The tool's user base has grown 20-fold to over 200 million in just over three months, causing the company to freeze feature development to fix security issues brought on by the increased numbers and use cases that extended beyond the scope the company intended.
However, Zoom is not the only telecommuting application, and the law applies to them all. Regardless of whether a person interrupts a Zoom meeting or a Microsoft Teams conference, it is still a violation of USC 18 section 1030 of the Computer Fraud and Abuse Act. Sentences can range from one to 10 years in federal prison, depending on the specifics of the violation. Fines can be up to $100,000 for misdemeanor acts and $250,000 for felonies as well as the seizure of property.
"We were alerted to this problem by a Michigan reporter who participated in a Zoom conference that was hijacked," said Michigan Attorney General Dana Nessel. "Since then, we have learned of other incidents around the country."
The FBI urges people to exercise "good cyber hygiene" when using teleconferencing apps and has outlined some tips and steps to reduce risks on the FBI's Internet Crime Complaint Center (IC3) website. Victims of conference hijacking can also report it on the IC3's reporting page.