Embattled video conferencing platform Zoom has tapped up Facebook’s former security chief Alex Stamos as it attempts to knock back a security-based backlash.
Stamos will serve as an external consultant after Zoom's CEO Eric Yuan spoke with the former Facebook chief security officer over the phone about the crisis engulfing the platform so soon after its popularity had exploded.
Stamos spoke with Yuan about the platform’s sudden growth, and the need to live up to the security expectations that accompany this surge. Yuan then asked if he would be interested in helping Zoom build up its security, privacy and safety capabilities as an external consultant, to which Stamos “readily agreed”.
“First off, Zoom has gone from being a successful mid-sized enterprise IT company to a critical part of the lives of hundreds of millions in the space of a couple of months,” Stamos wrote in a Medium post.
“To successfully scale a video-heavy platform to such a size, with no appreciable downtime and in the space of weeks, is literally unprecedented in the history of the Internet. It has been clear to many people who have worked on production-scale systems that something special has been happening at Zoom, and the related security challenges are fascinating.”
Over a matter of days, Zoom has endured criticism for an integration that transferred iOS device data to Facebook, for claiming that sessions were end-to-end encrypted when this wasn’t the case and a growth in ‘Zoom bombing’ cyber attacks.
Such concerns, among others, have led to the UK’s Ministry of Defence (MoD) to recommend against government staff using Zoom while theyr'e investigated, and Taiwan’s government banning the platform altogether.
The company, in response, has pledged to suspend all development on the platform and instead reallocate resources and efforts into fixing outstanding security concerns.
Areas that Stamos is particularly keen to begin working on include core application security, cryptographic design, and infrastructure security.
He added that building up collaboration software to ensure customers are empowered - while cyber criminals aren’t - is possibly the most impactful challenge faced by the tech industry in a world ravaged by the spread of coronavirus.
Photo by FotoBugz / CC BY 2.0
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Phishing emails target victims with fake vaccine passport offerNews Scammers could steal victims’ personal information and never deliver the illegal goods, Fortinet warns
-
COVID-related phishing fuels a 15-fold increase in NCSC takedownsNews The NCSC recorded a significant jump in the number of attacks using NHS branding to lure victims
-
COVID vaccine passports will fail unless government wins public trust, ICO warnsNews Data watchdog's chief Elizabeth Denham warns that it’s not good enough to claim ‘this is important, so trust us’
-
Fake COVID vaccination certificates available on the dark webNews Fast-growing market emerges for people wanting quick vaccine proof to travel abroad
-
Cyber security firm saw attacks rise by 20% during 2020News Trend Micro found attackers also heavily targeted VPNs
-
Hackers using COVID vaccine as a lure to spread malwareNews Cyber criminals are impersonating WHO, DHL, and vaccine manufacturers in phishing campaigns
-
Website problems slow coronavirus vaccine rollout
News Florida is the epicenter of website issues, as patients struggle with malfunctioning sites and hackers
-
NHS COVID-19 app failed to ask users to self-isolate due to 'software glitch'News The bug is the latest in a long line of errors and glitches to plague the government's contact-tracing app
