Cybersecurity Briefing — FBI and CISA issue videoconferencing hijacking guidance

Executive briefing: Following a spike in disrupted remote classes and business meetings, the FBI and CISA issued joint guidance on 2 April 2020 explaining how administrators can lock down videoconferencing tools. The advisory details meeting controls, user hygiene, and incident reporting steps to curb harassment and data exposure during pandemic telework.

What changed

• Guidance urges enabling meeting passwords, waiting rooms, and host-only screensharing by default for public-facing events.
• Organizers should avoid posting meeting links publicly, restrict file transfer, and limit meeting recording to authorized hosts.
• Victims are directed to report incidents to local FBI field offices or IC3 with meeting IDs, screenshots, and time stamps to aid investigations.

Why it matters

• Loose defaults on video platforms create avenues for harassment, malware delivery, or exposure of confidential material during remote operations.
• Education and healthcare providers face regulatory penalties if protected data is displayed in hijacked sessions.
• The advisory reinforces the need to align collaboration settings with existing incident response and access control policies.

Action items for operators

• Enforce tenant-level policies for passwords, waiting rooms, and authenticated attendee requirements on all conferencing providers.
• Create quick-reference guides for employees and faculty on sharing controls, host handoffs, and how to capture evidence during disruptions.
• Update incident response runbooks to include videoconference logging, preservation of chat and participant lists, and notification templates.