HELENA — The Helena City Commission was forced to postpone its regular meeting Monday evening, after people repeatedly disrupted an online Zoom videoconference.
The city has been conducting its meetings online using Zoom due to the COVID-19 pandemic. On Monday, just after 7 p.m., several people who had joined the Zoom call began shouting, displaying pornographic images, and playing loud music.
Around 7:20, city staff abruptly ended the online meeting. The meeting was reopened shortly thereafter, but interim City Manager Melinda Reed said, due to technical issues, they had been unable to change the security settings to prevent a similar disruption, and some members of the public were not able to rejoin.
The commission was scheduled to hold a public hearing on finalizing the city budget for the upcoming fiscal year. Commissioners said, in light of the importance of that issue, they wanted to ensure all people could be fully heard. They then called for adjourning the meeting and bringing up these issues again at a special meeting next Monday, June 29.
As governmental agencies across America have begun holding meetings over videoconference, a number have reported these types of disruptions, commonly known as “Zoom-bombing.”
“This was new for us, but we should have anticipated it,” Mayor Wilmot Collins told MTN after the meeting. “I just want to apologize to our community and let them know that we will improve our system, we will regroup and we will do better."
In a news release, city staff said their technical issues had interfered with their ability to remove the people causing the disruptions. "We regret this offensive intrusion," the statement said. "Over the next hours and days, City management will work with ITS support staff to try to pinpoint how these individuals gained access and take steps to make sure this doesn't happen again."
When using platforms like Zoom, the FBI recommends exercising due diligence and caution in your cybersecurity efforts. Investigators say to follow these steps to mitigate teleconference hijacking threats:
- Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
- Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
- Manage screensharing options. In Zoom, change screensharing to “Host Only.”
- Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated its software. In the security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.