Tele-Hacking: Video Conference Hijacking and Steps You Can Take To Mitigate The Risk and Respond
Client Alert | 1 min read | 04.03.20
The world’s shift to video-teleconferencing (VTC) in the wake of COVID-19 has presented an opportunity for sophisticated hackers to infiltrate digital meetings and access confidential and proprietary information. This expanding threat has important implications for everyone in the public and private sectors using any VTC platform.
Privacy and security issues in VTCs may pose immediate business, economic, and national security risks. For example, reports suggest a world leader shared screenshots of national security issues during a VTC, raising concerns that national secrets may be compromised. For the private sector, the risks could also be significant. A tele-hacker could obtain access to and trade on inside information, steal trade secrets, or publicly disseminate sensitive and confidential information (or hold that information hostage for a sizeable ransom). To protect against these threats, public and private sector actors should revisit their cybersecurity policies, coordinate with VTC vendors, and ensure a mitigation plan is in place.
For businesses making such services available, redoubling cybersecurity and compliance efforts, and communicating best practices to customers, and users alike, is critical.
Law enforcement is also monitoring these trends. The Federal Bureau of Investigation (FBI) recently released guidance specific to mitigating the risk of tele-hacking with VTC, which businesses may use to benchmark their efforts:
- Make meetings private by requiring a password or controlling the admittance of guests.
- Limit distribution of teleconference links.
- Limit screen sharing to “Host Only” to prevent people and unintended participants from taking over and sharing images or content that is inappropriate or alarming.
- Constantly monitor for software updates.
- When selecting a VTC vendor, consider what security measures those vendors offer, such as end-to-end encryption.
If you believe you are a victim of a tele-hack, it is important to execute your incident response plan and consult technical and legal professionals to help with remediation and analyzing any disclosure obligations to the government, customers, or others.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 3 min read | 11.21.25
On November 7, 2025, in Thornton v. National Academy of Sciences, No. 25-cv-2155, 2025 WL 3123732 (D.D.C. Nov. 7, 2025), the District Court for the District of Columbia dismissed a False Claims Act (FCA) retaliation complaint on the basis that the plaintiff’s allegations that he was fired after blowing the whistle on purported illegally discriminatory use of federal funding was not sufficient to support his FCA claim. This case appears to be one of the first filed, and subsequently dismissed, following Deputy Attorney General Todd Blanche’s announcement of the creation of the Civil Rights Fraud Initiative on May 19, 2025, which “strongly encourages” private individuals to file lawsuits under the FCA relating to purportedly discriminatory and illegal use of federal funding for diversity, equity, and inclusion (DEI) initiatives in violation of Executive Order 14173, Ending Illegal Discrimination and Restoring Merit-Based Opportunity (Jan. 21, 2025). In this case, the court dismissed the FCA retaliation claim and rejected the argument that an organization could violate the FCA merely by “engaging in discriminatory conduct while conducting a federally funded study.” The analysis in Thornton could be a sign of how forthcoming arguments of retaliation based on reporting allegedly fraudulent DEI activity will be analyzed in the future.
Client Alert | 3 min read | 11.20.25
Client Alert | 3 min read | 11.20.25
Client Alert | 6 min read | 11.19.25
