As University President Michael Roth ’78 embarked on his second day of teaching class over Zoom, things seemed normal. He was happy, excited for another day in which he could connect with the 52 students in his “The Modern and The Postmodern” class. But then, about 14 minutes in, havoc struck.
“It kind of just came on really abruptly,” Katie Cahn ’20, a student in Roth’s class, said. “And this person with, I assume it was a guy, with no image…, he had put a profile picture of a shoe, like an athletic shoe as his picture. He came on and was like, ‘Hi,’ and interrupted Roth, and Roth was quiet for a second ’cause I think he was a little confused.”
Following this interruption, Roth attempted to get the class on track.
“There was silence, and Roth was like, kind of continued lecturing, and the guy was just like, ‘My name’s Mike Cocklong,’ and Roth was like, ‘Oh, you’re not in this class,’ ’cause I don’t think Roth realized what the name was [or denoted].”
Fittingly, the topic of the class was Freud, specifically on aggression. After several diagnosable Freudian outbursts on behalf of the intruder, students from the class assisted Roth in effectively kicking the individual out of the Zoom session. Despite the brief nature of the incident, it was unnerving for Roth and his students alike.
“I was surprised by how uncomfortable it made me feel, but ultimately it wasn’t that big a deal,” Roth said. “I was just kind of shaken for a few minutes. I’ve taught online but mostly asynchronous classes, almost all asynchronously. But this, it just was a different kind of experience than what I’ve had before. I was a little shaken by it for awhile.”
This sentiment was echoed by students in the class. Some felt downright frightened.
“We come to class every day at this institution where people have worked really hard to get here,” Cahn said. “When we go to class, we kind of behave ourselves, or we have a social dynamic that we have established. And to have to move it on to Zoom, we’ve tried to do our best to continue it onto this platform. To have someone come on and like…. It’s just very vulnerable, and…destabilizing.”
Cahn highlighted the way in which the privacy of classes made it more conducive for learning.
“I don’t want to make it seem like we are privileged so we should be kept away from the public or anything like that,” Cahn said. “But more so that like, they were very sacred spaces. And then to have something so polluting come in and have such a power, like we don’t know this person and for them to be able to turn all of our attention away from this sacred thing, it feels really scary, it felt really scary. That someone could have the power to do that.”
Aside from classes, these incidents are also occurring in group meetings. Katelin Penner ’22 was leading an organizing webinar on how to work on political campaigns when 7–8 intruders came onto the call.
“They started writing racist slurs with the pen on the screen,” Penner said. “They started turning their backgrounds into explicit pornographic images. And then they started basically constantly speaking. And I hadn’t set the Zoom settings correctly at the beginning, so I couldn’t mute everyone on the call in a way that overrode their own unmuting. So if I muted them, they could unmute themselves. So I removed them from the call, which prevented them from getting back on the call, but then they created new Zoom accounts and were back on in under a minute.”
After her attempts to get the call under control were unsuccessful, Penner ended up having to ending the meeting. She describes this experience as being invasive and alarming.
“I was scared because I was leading an organizing call for people who were a lot younger than me on the call,” Penner said. “I think 14-year-old kids, when you see like the n-word written across the screen, or seeing someone’s background being like a penis, that can be very alarming. And I think that was really what I was worried about.”
Roth and Penner are not the only ones who have experienced surprising and scary interruptions to their virtual calls. As it turns out, people all over the world have encountered faceless infiltrators, which pose a serious problem to the use of Zoom as a platform. These interruptions have manifested in a variety of ways: from benign examples of Youtubers dropping in on classes to film pranks for their channels to more violent attacks filled with racist slurs. These disruptions are so widespread that a new term has been coined for them: zoombombing.
“Zoombombing is when an unexpected participant shows up in a meeting and does whatever they decide to do,” Wesleyan Chief Information Security Officer Joe Bazeley explained. “Most commonly, this is disruptive activity.”
These people aren’t hackers, he explained. Rather, they are just individuals who use software that enables them to get into open Zoom rooms and be disruptive. In the beginning, it may have been people just sharing Zoom invites with other people, allowing them to zoombomb. Now, however, many believe that zoombombers have specialty programs installed that allow them to infiltrate random Zoom meetings.
“It’s called a ‘script kiddie,’ where you take someone else’s program and you run it,” Bazeley explained. “But you don’t really understand how it works or why it works, and if it doesn’t work for some reason, you can’t do anything. But when it does work, you’re able to say, ‘Find a phone call and hop in’. So, to circle back, is this really hacking? Most of it, probably not. I wouldn’t really consider it that.”
A program named “zWarDial,” created by members of SecKC, a group devoted to cyber security, established through a proof of concept that people looking to disrupt meetings are able to access a significant number of Zoom rooms, most of which have no protection. Bazeley guesses that someone has written software which enables the user to try millions of different combinations of meeting IDs in an effort to find open rooms in which they can “bomb” into.
“Conceptually, you could write a program that just keeps trying meeting rooms,” Bazeley said. “Try all zeroes, all zeroes and one, all zeroes and two, and just keep working your way up, and eventually, you’re going to find one. Doing that manually would be exceptionally painful, but if you write a program that just says ‘keep trying,’ you could probably find an unsecure Zoom meeting at any institution within an hour or two and then hop in and be disruptive.”
While this may sound scary, Bazeley highlighted several precautions that one can take when setting up a Zoom meeting. One is the “waiting room” function, which allows the host to see the participants wanting to join the meeting and decide which ones to let in. Another is the sign-in function, which requires the user to sign in with the organization’s credentials before being able to be let in. There are many others as well. But, as Bazeley noted, universities have to understand the problem of accessibility when deciding which security precautions to utilize.
“So it becomes this balancing act for the faculty members,” Bazeley said. “Where the question is, do I want to say the class is as open as possible to increase the likelihood that all of the students are gonna be able to show up on time and have the full experience? Or do I want to put protective measures in place that might mean that some of the students are gonna be five minutes late, and other students might actually not be able to get into the course and can only see the recording? Which is still, you get some value out of it, but if it’s a discussion section, it’s not as valuable to hear the discussion as it is to participate in the discussion.”
These settings also may make some classes harder to teach.
“If you are teaching class, for instance, and you want students to annotate what you’re showing them because you’re parsing a sentence or something, if you have [enabled the setting to bar students from showing their screen] they can’t actually interact with what you’re showing them,” Visiting Assistant Professor of Classical Studies Serena Witzke noted. “So you know, there are some security features that might be too far for what you wanna do with the class.”
Though waiting rooms and sign-in functions may make accessing class a little more difficult for students, many professors consider this a fair trade-off for the guaranteed safety of their classroom environment.
“I really do like Zoom,” Witzke said. “I think it’s a really accessible platform. I’ve been using it before we made this transition for other meetings with people across the country. I think that provided they are no longer sharing their data that they’re collecting from all of us, I think that it’s an accessible, easy to use application, and if you go through the steps of securing it it can be a really safe application. It has a lot more features than Google Classroom provides, and more people are familiar with it than Microsoft Teams. There’s some cons to it, but I think there’s a lot of pros.”
Ultimately, Zoom is an internet tool, and the internet is a place in which trolls are able to roam freely, blanketed in relative anonymity. So perhaps it was all but inevitable that at a time in when life as we know it has, for the most part, transitioned online, internet trolls are simply doing what they do best: trolling.
“In Zoom, anyone on campus means anyone on the planet,” Bazeley said. “It’s very different to have an open meeting for anybody who can walk to the meeting versus anybody.”
Annika Shiffer-Delegard can be reached at ashifferdele@wesleyan.edu.