Cal Lu is mostly Zoom ‘bombing’ proof

Magally Lopez, El Eco Editor

After many students, business professionals and researchers across the globe began relying on Zoom for their day-to-day work, the video conferencing platform underwent large security updates.

In a Zoom interview, Sean Kreycik, senior systems administrator for California Lutheran University’s Information Technology Services, said Cal Lutheran’s Zoom server has been hack-free.

“Nobody has been hacked, [but] I mean if you’re talking about [reported] Zoom bombings … we’ve gotten an instance or two,” he said.

The “Zoom bombings” occurred after a professor sent out a Zoom link for their class meeting via email and students who were not enrolled in the class dropped in to create a disruption.

“Some students get it in their mind that they want to be funny and send that link to their friends … and they will log in with an anonymous name and cause a disruption,” Kreycik said.

Ultimately, Cal Lutheran’s ITS has created safeguards against Zoom “bombings” through providing professors ways to schedule their regular Zoom class meetings through Blackboard’s “LTI integrated links” page. This prevents students from sharing a “wandering link” that anyone can access, Kreycik said.

“When you set it up that way, no link has to be sent out, you just have to tell the students, ‘hey log into your Blackboard, go to my course, click the Zoom link and you’ll be let in’ and no one has access to that Zoom link … you can’t get into that unless you both have a Cal Lutheran account and are enrolled in that course, so it’s very tight, it’s very tight integrated security if people set up their Zoom links that way,” he added.

While Cal Lutheran has mostly mitigated the threat of Zoom class meetings being hacked, other campuses haven’t been so lucky.

According to The Oracle, the University of Florida’s student newspaper, a Zoom meeting for prospective students was hacked, and they were shown pornographic images.

Kreycik said Cal Lutheran has had the LTI integrated links set up for years because the university has “been customers of Zoom for two years now, maybe three.”

In addition to the LTI integrated links, Kreycik said ITS provided a training through the Digital Learning Department guiding professors through the process to set up the Zoom meetings through Blackboard, including written materials with step-by-step instructions.

In an email interview, Aaron Vorhis, senior director of IT Infrastructure, said “faculty are asked to refer to the Digital Learning site for instruction or reach out to the Help Desk for assistance. For IT security incidents, the university has an incident response plan to address cybersecurity threats and mitigation.”

Kreycik said if a professor does choose to send out a link, they should use the waiting room feature to check who is entering the class.

“[October] is Cybersecurity Awareness Month and provides us a reminder of our responsibilities to staying safe while connected to the internet,” Vorhis said. “All suspicious activity including purported hacking, phishing or spam should be directed to the ITS Help Desk ([email protected]).”