Video Calls May Not Be Safe, Researchers Say GA S REGULAR Menu Lifewire Tech for Humans Newsletter! Search Close GO News > Smart & Connected Life
Video Calls May Not Be Safe, Researchers Say
Eavesdropping is just one possibility
By Sascha Brodsky Sascha Brodsky Senior Tech Reporter Macalester College Columbia University Sascha Brodsky is a freelance journalist based in New York City. His writing has appeared in The Atlantic, the Guardian, the Los Angeles Times and many other publications. lifewire's editorial guidelines Updated on February 17, 2021 02:03PM EST Fact checked by Rich Scherr Fact checked by Rich Scherr University of Maryland Baltimore County Rich Scherr is a seasoned technology and financial journalist who spent nearly two decades as the editor of Potomac and Bay Area Tech Wire. lifewire's fact checking process Tweet Share Email Tweet Share Email Smart & Connected Life Mobile Phones Internet & Security Computers & Tablets Smart Life Home Theater & Entertainment Software & Apps Social Media Streaming Gaming Key Takeaways
A recent report by cybersecurity firm McAfee finds that video calling software could be hacked to spy on users. Dating apps such as eHarmony and Plenty of Fish were among those identified as vulnerable to hacking. The number of people using video conferencing platforms has increased dramatically, with many people forced to work from home during the coronavirus pandemic. Geber86 / Getty Images Your video calls may not be as secure as you think, according to new research. Cybersecurity firm McAfee has released a report uncovering a new vulnerability in a video-calling software development kit (SDK). Hackers could exploit this vulnerability to spy on users’ live video and audio calls. Dating apps such as eHarmony and Plenty of Fish were among those identified as using the vulnerable SDK platform. "Whether you are attending regular virtual work meetings or catching up with extended family across the globe, as a consumer, it’s important to realize what exactly you’re getting into when downloading applications that help you stay connected," Steve Povolny, head of McAfee Advanced Threat Research said in an email interview. "As the rapid, broad adoption of video conferencing tools and apps occurs, potential threats to online safety will inevitably emerge." Many Threats to Video Chats
The SDK, provided by the software firm Agora.io, can be used by applications for voice and video communication across many platforms, such as mobile and web. It’s unknown how many other apps could have been impacted, Povolny said. Since McAfee discovered this security issue, Agora has updated its SDK to provide encryption. But experts say that many types of video communications remain vulnerable to hacking. Anything connected to the internet can be hacked, pointed out Joseph Carson, chief security scientist at cybersecurity firm Thycotic, in an email interview. pixelfit / Getty Images "Any devices that contain cameras can absolutely be abused to record video, analyze that data, and perform voice or facial recognition," he added. "In many incidents, the vendors who manufacture them do not provide the ability to turn them off, which means they focus purely on ease of use and almost always sacrifice security as a result." The number of people using video conferencing platforms has increased dramatically, with many people forced to work from home during the coronavirus pandemic, Hank Schless, senior manager of security solutions at cybersecurity firm Lookout, said in an email interview. "Malicious actors know that there are many new users who are unfamiliar with the apps they can exploit," he added. "In this type of campaign, they often use both malicious URLs and fake message attachments to bring targets to phishing pages." Insider Attacks are the Biggest Threat
Video calling is most vulnerable when the call is recorded and stored on a third-party server or on the app provider's server, Hang Dinh, a professor of computer and information sciences at Indiana University South Bend, said in an email interview. For example, video calls on Facebook Messenger are stored on Facebook's servers and can be viewed by Facebook's employees. "If one of their employees is not careful with security, your calls can be hacked," Dinh added. "Remember that Twitter was also hacked because of an insider's fault." Jasmin Merdan / Getty Images To make their communications more secure, users should choose end-to-end encrypted video calls such as WhatsApp, Google Duo, FaceTime, and ExtentWorld, Dinh said. "Being end-to-end encrypted means the calls are not stored and decrypted on any third party server, including the call provider's servers," she added. Popular video conference software Zoom also recently began offering end-to-end encrypted video calls. Still, the encryption feature on Zoom is not turned on by default, Dinh noted. For most people, the most significant risk to video hacking is eavesdropping, Chris Morales, head of security analytics at cybersecurity company Vectra AI, said in an email interview. "The other risk is the disruption of a session with shared images and sounds," he said. "Think of it like digital graffiti." To keep out hackers, users should have passwords for all video conferences, Morales said. That password should not be posted publicly and should be shared privately. The moderator can also, by default, enable mute on all participants and disable screen sharing features. "How strong that password is will still impact the ability for someone to access a current session," he added. "But it is much better than no password at all." Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit More from Lifewire How To Make a Video Call on Android What Are Packet Sniffers and How Do They Work? The 8 Best Free Skype Alternatives of 2022 What Are the Security Threats In VoIP Is Your Cordless Phone Being Hacked? 7 Benefits of Video Conferencing Are Your Calls More Secure With Landline or With VoIP? What Is Zoom and How Does It Work? Quantum Computers May Soon Be Able to Break Bitcoin Why You May Not Really Own Your Gadgets Your Smartphone May Be Revealing Details of Your Life Smartphone Hacks Are on the Rise, Experts Say You Could Still Be at Risk From the Log4J Vulnerability New Digital Car Keys May Bring Security Risks How to Make Better Passwords Beware! That App You’re Downloading Might Not Be Real Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookies Settings Accept All Cookies