Chinese spies are trying to snoop on Zoom conversations, US intel experts say

Foreign spies are using America’s reliance on video-conferencing software Zoom to spy on business executives and government officials, US intelligence experts say.

Cyberspies from China, as well as Russia, Iran and North Korea have made attempts to monitor meetings held on Zoom as the coronavirus spurs an explosion of teleconferencing, three anonymous officials told TIME.

“More than anyone else, the Chinese are interested in what American companies are doing,” one official said.

The spies are searching government, corporate and academic Zoom chats for information they can steal, including research and intellectual property information, according to the officials.

Zoom — which has seen its popularity explode during the coronavirus epidemic as Americans have been forced to stay home to slow the spread of the coronavirus — has been criticized in recent weeks for its privacy and security issues, leading CEO Eric Yuan to apologize.

In a blog post earlier this month, Yuan admitted that Zoom “did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home.”

The US officials told the magazine that there is “no evidence” that Zoom has been compromised by China — it routs some of its encryption keys through Chinese servers — but said that the platform’s security gaps may leave it vulnerable.

In a statement to TIME, Zoom said that it “has a number of documented controls and protections in place to protect data and prevent unauthorized access, including from Zoom employees. These controls are strictly enforced across the company, regardless of jurisdiction.”

Last week, at least two US state attorneys general sought information from Zoom about the lengths to which it goes to protect the privacy of its users.

“We are alarmed by the Zoom-bombing incidents and are seeking more information from the company about its privacy and security measures in coordination with other state attorneys general,” Connecticut Attorney General William Tong said.

The FBI’s Boston office has warned Zoom users not to make meetings on the site public or share links widely after it received two reports of unidentified individuals invading school sessions, a phenomenon known as “zoombombing”.

New York State AG Letitia James has sent a letter to Zoom with a number of questions to ensure the company is taking appropriate steps to ensure users’ privacy and security.