Leading stock exchange NSE has cautioned trading membersabout video conferencing app Zoom and cyber threats amid increased usage of theplatform in the wake of nationwide lockdown to contain coronavirus pandemic.
Many organisations have switched to work-from-home due tooutbreak of the pandemic with employees using online communication platforms,including Zoom, Microsoft Teams, for remote meetings and webinars.
It has been observed that some of these apps are not securedand are vulnerable to be exploited thus revealing users identity, location orcontent of the discussion, the National Stock Exchange (NSE) said in acircular.
The exchange requested all trading members to undertakeappropriate actions as applicable to their environment.
To mitigate the threat, it has been advised that officialsmay refrain from using Zoom meeting for discussion involving sharing ofclassified or sensitive information, the exchange noted.
If it is absolutely necessary to discuss official meetings,then sufficient precautions need to be taken to avoid leakage of personallyidentifiable information or other details of sensitive nature, it added.
It has been suggested to keep Zoom software patched andup-to-date.
“Always set strong, difficult-to-guess and uniquepasswords for all meetings and webinars. This is especially recommended for anymeetings where sensitive information may be discussed,” the circular said.
In a separate circular, the exchange cautioned tradingmembers against cyber attacks — social engineering, ransomware and phishing.
“This is the time when cyber attacks generally peak asthe attackers try to utilise the paranoia around such pandemics and hence werequest all of you to be very wary and careful,” NSE said.
It has been advised not to click on links or downloadattachments from unknown sources, always verify the security of a website andignore and delete emails with poor grammar and formatting.
“Pay close attention to the spelling of an email or webaddress, if there are any inconsistencies, delete immediately. Question thevalidity of any email that asks you to submit personal or financialinformation,” it added.
In addition, it has suggested not to click on COVID-19related messages with attachments and asked to be careful from websites thatstart with “Coronavirus” or “Covid”, which supposedly trackvirus outbreaks.
Earlier this month, rival bourse BSE had cautioned marketintermediaries against malicious cyber attacks amid increased usage of mobilephones and tabs.