Cyber Incident Victim: US municipal government
Date:
Apr 2020
Location:
United States of America
Summary
A Zoom-bombing incident disrupted a US municipal government's House Oversight Committee briefing on women's rights in Afghanistan, with unauthorized participants interrupting the session multiple times. This marked the first known federal-level disruption of its kind, following similar incidents targeting local governments in states like Michigan and Wisconsin. The attackers employed typical Zoom-bombing tactics including hurling insults and threats, prompting security concerns from multiple agencies. The FBI had previously issued nationwide warnings about unsecured Zoom meetings, while the Department of Justice subsequently declared such intrusions criminal acts. The incident occurred amid broader scrutiny of Zoom's security vulnerabilities, leading the platform to initiate security enhancements including software updates and external consultations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 3, 2020, a virtual briefing hosted by the US House Oversight Committee on women's rights in Afghanistan with the Special Inspector General for Afghanistan Reconstruction (SIGAR) was disrupted by at least three separate Zoom-bombing incidents. The attackers infiltrated the Zoom meeting and interrupted proceedings, though specific details of their disruptive actions were not disclosed beyond the general definition of Zoom-bombing as involving hurling insults, displaying pornographic material, or issuing threats. This incident occurred despite an FBI nationwide security alert issued on March 31, 2020, which explicitly warned government agencies and private organizations about securing Zoom meetings against unvetted participants. The disruption marked the first confirmed instance of Zoom-bombing targeting the US federal government, following similar incidents affecting local government meetings in Michigan and Wisconsin earlier that week.
The attack prompted Representative Jim Jordan (R-Ohio) to send a formal letter to the House Oversight Committee urging an immediate suspension of Zoom for all official activities, citing both the security vulnerabilities exposed during the incident and broader concerns about Zoom’s documented security flaws. Jordan emphasized the need to evaluate the committee’s cybersecurity preparedness to prevent unauthorized access to sensitive information through the platform. This occurred amid escalating institutional warnings, including a US Senate advisory against Zoom usage issued the day before the incident and parallel guidance from the Department of Defense restricting Zoom for official communications. On April 4, 2020, the Department of Justice formally classified Zoom-bombing as a federal crime. In response to widespread criticism, Zoom initiated security improvements, including software updates, external security consultations, and enhancements to its bug bounty program. No further disruptions to House Oversight Committee meetings were reported following the incident.