FTI Journal
FTI Journal | Critical Thinking at the Critical Time
 

My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?

My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?

An uninvited guest crashing your video conference is a threat to your company’s reputation. Here are the steps to take to mitigate damage and restore confidence.

I

f it can happen at the highest level of government it can happen to your company. 

On April 3 of this year, a videoconference on women’s rights in Afghanistan held by the House of Representatives’ Oversight Committee was allegedly “zoom-bombed” three times. The incident raised serious concerns about the security of Zoom as a videoconferencing platform for use by government and private enterprise.

Ten months into the pandemic and the world of virtual meetings it has engendered, and we’re all familiar with the term zoom-bombing. It’s so familiar in fact, that the term itself has become a stand-in for cyber attacks on any video conference, no matter the platform. Characterized by an uninvited guest hacking into a meeting, zoom-bombing ranges from minor nuisances, such as teenagers infiltrating company meetings, to more disturbing and salacious virtual visits.

Even in its most innocuous form, a zoom-bombing and the digital violation it represents can unsettle employees and external stakeholders alike. A more heinous, high-profile attack can severely threaten your company’s reputation, but it does not need to spell disaster. Below are four tips to navigate the aftermath of a zoom-bombing through cooperative internal and external communications.

1. Take Swift Action

Your meeting has just been zoom-bombed. What is your first move? Act decisively. Timing is vital to alleviating anxieties, as delays in acknowledging the incident can create the impression the attack is being ignored or swept under the rug. Your employees are looking to you for an explanation and reassurance in the immediate aftermath, so listen and respond swiftly to any significant concerns they raise.

The empathetic voice when delivering internal communications is just as crucial as the post-attack messaging itself. Identify the key company representatives who can spread the word and restore confidence internally (and externally). You understand your workforce best, so be sure your representatives empathize effectively with your designated audience’s needs.

A charismatic digital expert, sympathetic HR lead or C-suite member known for transparency are all potential picks to lead a company’s emotional and technological recovery; evaluate who best fits based on demeanor, level of expertise and understanding of company culture to resonate with a particular audience.

2. Prioritize Your People

Your employees are the principal audience to prioritize. A zoom-bombing touches the cyber-security anxieties people feel entering a virtual workplace. They may be thinking, “If my meeting can be hacked so easily, what else is at risk of being hijacked?”

Employees must receive transparent and supportive communication affirming the safety of their digital workplace. Start with a clear defining of the event as a zoom-bombing specifically. Doing so assuages potential fears that other aspects of your technological infrastructure — such as an employee’s personal information — have been additionally compromised. Following an acknowledgement of the attack as an isolated incident, outline the future steps being taken to prevent its subsequent occurrence.

Zoom-bombing can also be a traumatic psychological violation for employees in the compromised meeting, and any digital intrusion can fracture trust in your company’s cyber-security posture. Make sure to provide HR mental health resources and an open space for dialogue about the attack’s ramifications. Firm, empathetic internal communications unify a company’s workforce toward recovery, a valuable asset if a zoom-bombing requires external communication as well.   

3. Face the Public

A zoom-bombed client or other external meeting can draw the attention of news networks, public shareholders and corporate partnerships. Identify the interests of your organization’s stakeholders, and tailor messaging specific to their diverging concerns. It may be helpful to create a universal set of key messages based on principles like internal accountability, compassion and recovery. Though messages will be different based on the needs of each stakeholder, ensure that all external communications are thematically consistent and cohesive. 

Like internal communication, clearly establish the nature of the attack and plans to prevent its future incidence. A unified front is a helpful foundation to ground external communications; if your employees visibly trust your recovery plan after a digital attack, it is likely that outside stakeholders will follow suit.  Zoom-bombing incidents can threaten your company’s carefully crafted reputation, but tailoring stakeholder-specific messages under a coherent, thematic set of key messages can significantly alleviate any outward mistrust. 

4. Plan Ahead

A digital attack of any nature can be embarrassing, and you may be tempted to try to address it externally anytime it’s referenced in public. Don’t. Resist oversaturating your audience and trust your instincts: Gauge the success of initial internal and external communications before issuing follow-up messaging. If stakeholders seem to move on — a sign of a proactive, early response — avoid persistent reminders of what was a potentially traumatizing virtual violation.

You may want to announce significant milestones and answer lingering questions about your zoom-bombing response, but keep further messages concise and relevant to presented concerns. The goal of communication following digital disruptions is to instill confidence in a more secure virtual workplace and move on. If stakeholders and employees are conveying trust in your corrective measures following a zoom-bombing, listen to them.

The good news is, efforts are underway to reduce zoom-bombing within educational, governmental and workplace spaces. To that end, the FBI has cracked down on more egregious offenses, and many video conference platforms (including Zoom) have introduced new security features to deter outside disruptions.

In the meantime, collaborative external and internal communication efforts following digital attacks can preserve, if not strengthen, the resilience of your company’s internal culture and outside reputation.

 

Published January 2021

© Copyright 2021. The views expressed herein are those of the authors and do not necessarily represent the views of FTI Consulting, Inc. or its other professionals.

About The Authors


Meredith Griffanti
merdith.griffanti@fticonsulting.com
Managing Director
Strategic Communications
FTI Consulting

Evan Roberts
evan.roberts@fticonsulting
Senior Director
Strategic Communications
FTI Consulting

Share This

Related Articles

  • My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?

    Adapt Now or Risk Extinction: The New Mandate for the CEO
    An FTI Journal exclusive conversation with Dr. Erica Richardson, managing director in Strategic Communications, with extensive experience in public affairs and financial markets.

  • My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?

    When Fake News Causes Real Suffering
    The growing influence of social media alongside a shift in how people obtain and consume news has led to the rapid spread of misinformation about the origins of the COVID-19 virus. What impacts will this have on public health and the acceptance of a vaccine?

  • My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?

    Your Network Goes Dark. What Should You Do?
    Kyung Kim, Head of Cybersecurity for FTI Consulting’s APAC region, looks at the three steps you can take today to reduce the chances of the unthinkable: a paralyzed network and an IT team that can’t be reached.

Latest Articles

Related Articles

  • My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?
    Adapt Now or Risk Extinction: The New Mandate for the CEO
    An FTI Journal exclusive conversation with Dr. Erica Richardson, managing director in Strategic Communications, with extensive experience in public affairs and financial markets.
  • My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?
    When Fake News Causes Real Suffering
    The growing influence of social media alongside a shift in how people obtain and consume news has led to the rapid spread of misinformation about the origins of the COVID-19 virus. What impacts will this have on public health and the acceptance of a vaccine?
  • My Video Conference Has Just Been Zoom-Bombed. Now What Do I Do?
    Your Network Goes Dark. What Should You Do?
    Kyung Kim, Head of Cybersecurity for FTI Consulting’s APAC region, looks at the three steps you can take today to reduce the chances of the unthinkable: a paralyzed network and an IT team that can’t be reached.

Latest Articles

It looks like you're enjoying this article. If you'd like to receive email updates from the FTI Journal, please consider subscribing.
The views expressed in this article(s) are those of the author and not necessarily those of FTI Consulting, Inc., or its professionals.
©Copyright, FTI Consulting, Inc., 2012. All rights reserved.

https://www.ftijournal.com/article/my-video-conference-has-just-been-zoom-bombed.-now-what-do-i-do