Wednesday, October 29, 2014

Webex Trollers on the Prowl

We have been asked by a company to determine who has been dialing into their Webex. The Webex session showed a phone number but the person on the other end failed to identify themselves on the call.

We quickly advised the client to password protect the Webex sessions. Why wouldn't you password protect your Webex sessions in the first place? It's the same reason passwords are reused. Ease of access.

Brian Krebs previously reported on companies using Webex without passwords. His research indicated several dozen large companies were hosting meetings without passwords. I have actually logged into the wrong Webex on two occasions because of fat fingering meeting numbers when connecting to Webex. When this occurred I told the person(s) on the call that I had inadvertently connected to their meeting and promptly hung up.

One of the vulnerabilities we have noted is that companies that use hosted Webex services in many cases fail to password protect their meetings and this is something you should probably check for in your organization. It's not a big deal in most cases unless your discussing patients or unless you are a financial institution. However all businesses should be wary as we are pretty sure China and Russia may also troll Webex for companies in order to clean intelligence information.

If you notice somebody on your Webex that you can't identify your best option is to terminate the meeting and send out new invitations with a password protected Webex.


No comments:

Post a Comment