On March 24, 2020, a white supremacist named Andrew Alan Escher Auernheimer, best known by his pseudonym “weev,” invaded a Zoom webinar about anti-Semitism that was hosted by a Massachusetts Jewish student group, pulled his shirt collar down and exposed a swastika tattoo on his chest, the Anti-Defamation League (ADL) reported Sunday.
The FBI is now getting involved with stopping Zoombombing, which has been spreading in recent weeks like the coronavirus, as Zoom video conferencing has become widespread during the pandemic. In addition to the webinar incident, the Bureau reported that in late March 2020, during a Massachusetts-based high school Zoom class, an unidentified individual dialed into the classroom, yelled a profanity and then shouted the teacher’s home address in the middle of instruction.
Andrew Auernheimer, whose mother told Newsweek he has Jewish relatives on both sides of his family, is nevertheless the webmaster for The Daily Stormer.
According to the ADL, “weev” has a long history of exploiting technology to gain attention to his anti-Semitic views. In 2016, he claimed credit for sending white supremacist fliers to thousands of networked printers on college campuses around the country, saying the Jews are destroying the country “through mass immigration and degeneracy.” In two subsequent waves of “fliering,” he depicted Jews being killed and raped and called for supporting and defending acts of violence against anyone he perceived as anti-white. He also participated in a harassment campaign against Jewish journalists on Twitter.
On November 20, 2012, Auernheimer was found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization. was found guilty of identity fraud and conspiracy to access a computer without authorization, and was sentenced to 41 months in federal prison and ordered to pay $73,000 in restitution. But then, in March 2013, civil rights lawyer and George Washington University Law School faculty Orin Kerr joined Auernheimer’s legal team, free of charge, and on July 1, 2013 filed a brief with the Third Circuit Court of Appeals, arguing that his convictions should be reversed because he had not violated the relevant provisions of the Computer Fraud and Abuse Act.
On April 11, 2014, the Third Circuit vacated Auernheimer’s conviction, on the basis that the New Jersey venue was improper, since neither Auernheimer or his co-conspirators, nor AT&T’s servers were in New Jersey at the time of the data breach.
Way to go, Orin! Go Colonials!
According to Molly Boigon of the Forward, “Zoombombing has affected synagogues, schools and even the restaurant chain Chipotle, which was Zoombombed by a participant who broadcasted pornography to hundreds of attendees during a public conference.”
A Health Geography Ph.D candidate named Sophie Geffros tweeted on March 23: “Um. Weird internet nazis appear to have invaded my shul’s ‘How to Run A Seder’ Zoom workshop and spammed it with pornography and swastikas! What in the [expletive]!!!”
Cindy Goldberg, 56, a school board president, told Boigon in a phone interview she had been waiting for a Zoom meeting to start a few nights earlier, when hackers started posting cartoon images of Hitler, photos of Nazi soldiers and swastikas on screen.
“Awful doesn’t begin to touch it,” Goldberg said. “It’s horrific. It’s disgusting. It’s disheartening.”
As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts. The following steps can be taken to mitigate teleconference hijacking threats:
Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
Manage screensharing options. In Zoom, change screensharing to “Host Only.”
Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.