The students sat in class — or what constitutes class these days — with laptops open on kitchen counters and socked feet propped on coffee tables. Their instructor, a recognizable figure in the North Bay’s Jewish community, had delivered a virtual lesson on American Jewish culture and was just wrapping a section on anti-Semitism when a loud male voice cut through her presentation.
“Heil Hitler!” he shouted. “Death to all Jews!”
The instructor quickly muted him, but knowing he was still visible on their screens, the invader ran around his apartment, lifting his shirt to reveal swastikas on his torso.
He approached his camera and mouthed the same hateful phrases, until the instructor managed to drop him from the conference.
“It was disconcerting,” the instructor, who requested anonymity out of fear for her safety, said. “I was shaken, and I experience anti-Semitism often.”
It’s happening in virtual classrooms, living rooms and board rooms across the North Bay, victimizing students at Santa Rosa Junior College, a local middle school and in adult education courses: “Zoombombing,” or a hacker’s invasion of a private virtual conference via the ubiquitous Zoom Video conferencing application. And it’s employed with varying levels of offensiveness.
Natasha Castelli has been Zoombombed multiple times in her first week of videoconference lessons and has experienced that range. While leading her SRJC accounting class, she called on an attendee named Brian Lopez who raised his digital hand through the application.
“He unmuted himself, then yelled that a random name was a ‘Bitch ass N-word,’” she said. “He screamed it.” And he didn’t abbreviate the profanity.
She moved on immediately, ignoring it. Another student had a question, so she answered him, but then Castelli felt she needed to address the outburst.
“It was unsettling,” she said. “I saw at least two students with their jaws open like, ‘What the heck just happened?’”
A second Zoombomber battered her with questions, some of which were surprisingly topical, then started shouting “Shit! Shit! Shit!” Castelli asked him to cut the profanity, and he dropped off the call. She records each of her lectures, so she watched the presentation later to review what happened.
“He was smoking a bong the whole time,” she said, which she couldn’t see because she had pivoted from the gallery view of attendees to sharing her own screen.
According to Castelli, her students were graceful in handling each of the episodes. “I apologized to them, and they were like, ‘It happened to my math teacher too,’ or ‘It’s not your fault.’ Plus, the students are reading about it happening,” she said.
DeAnna Rogers, a coordinator for SRJC’s Basic Needs and Support Programs, said she “heard from a student that her engineering class was getting Zoombombed the other day.”
According to Rogers, the Zoombomber spewed hate speech, spelling out his disgust for specific racial and minority groups. He also used offensive screen names and tried to disrupt the chat with weird statements. He assumed the name of a registered student and “wrote out an orgasm,” Rogers said.
Other instructors describe their Zoombombers more like mischief-makers.
SRJC engineering instructor Tony Martin’s Zoombomber started “talking rudely” over the lecture, so Martin muted his microphone then ejected him from the lecture. But the Zoombomber kept returning under different aliases, at one point even copping a registered student’s name.
Communication Studies instructor Mark Nelson was the victim of a Zoombomber’s adolescent attempt at humor that irritated his students and disrupted his lecture’s flow.
Monday was the first day SRJC students moved to a virtual schedule, and there was miscommunication across the board for Nelson’s students. Some thought they could attend any of his COMM10 sections; others clearly hadn’t read his virtual-conference protocol document and popped up shirtless in the online chat.
So it wasn’t out of the ordinary for Nelson to have more students in a session than his roster indicated, plus a constant in and out of registered-but-confused students, which is why he kept putting off one attendee who insisted Nelson mark his presence.
“Are you sure you got me?” the attendee asked over and over.
“Don’t worry about it now,” Nelson replied again and again. “I’ll check you off after class.”
Nelson wanted to get on with the lesson, but the intruder kept pressing. “Are you sure? Don’t you want to get me on the roll?” he asked.
Then another student weighed in, exasperated. “Mr. Nelson! Look at his name!” she shouted.
And just like that, the mystery student — the cheekily named “Jack Mehoff” — left the lecture.
Nelson is grateful his experience was lighter than his colleagues’. “It was just a blip [in my case]. No porn or hate speech,” he said, although he recognizes the potential for harm.
Lynda Williams, instructor in SRJC’s Chemistry and Physics department, had a similar issue with oddly named attendees.
“The other day there was someone in my class whose name was, and I’m not joking, Candy Man,” she said. “I asked him to identify himself, but he didn’t, so I removed him from the class.”
Classrooms full of minors are not exempt from the obscene and distracting.
An eighth-grader at a North Bay public middle school whose mother requested anonymity said her English class was Zoombombed by two different harassers.
One entered the session with the name “Nick Gerr,” so when he was called upon, the teacher would inadvertently utter a racial slur.
The second Zoombomber used a “normal-sounding name,” according to the student, “but he put up a photo of boobs as his background” using Zoom’s green screen functionality that allows the attendee to import any image of their choosing.
“Everyone noticed before the teacher could end the session,” she said.
In the end, her teacher cut short the lesson “because [the Zoombombers] were being so disruptive.”
All of this invasive behavior has instructors grasping for their security settings.
Williams now uses password protected meeting IDs, requires students who use an alias in Zoom to identify themselves within 30 seconds if requested and has changed her settings to force a chime whenever someone enters or leaves the room.
“It’s kind of annoying, but you can watch that way,” she said.
Other SRJC instructors make sure to set up their video conferences through Canvas using ConferZoom. “It is a protected environment,” said Anne Donegan, history instructor and chair of the social sciences department. “Outsiders can’t get into the session.”
Atalie Halpin, an adjunct art history instructor, went a step further. She advised enabling Zoom’s waiting room feature, which allows the host to control who enters the classroom. “This is a good idea to protect against this kind of behavior, but it may be difficult to implement for large classes,” she cautioned.
The waiting room is one of a few different security measures Zoom recommends to hosts. Another is to generate a random meeting ID rather than using the personal meeting ID (PMI) assigned when you created an account.
According to Zoom’s website, “Your PMI is basically one continuous meeting and you don’t want randos crashing your personal virtual space after the party’s over. (Learn about meeting IDs and how to generate a random meeting ID here.)
After his run-in with “Jack,” Nelson switched to the waiting room method, a good fit for his roughly 30-student sections. He hasn’t had any issues since.
In addition to implementing a waiting room, Martin now also uses password protected meeting IDs.
“I am a bit embarrassed I hadn’t set up the password. I figured, ‘Who would bother us?’” Martin said. “I was mistaken.”
No one is sure how Zoombombers are getting into the virtual classrooms.
The eighth-grader said she “heard through the grapevine that ‘bad kids’ are sharing [Zoom] codes with each other and joining sessions that aren’t even for their school to prank each other’s classes.”
Some SRJC instructors suspect similar antics; others suspect true hackers are at work.
“I’m not publishing my conference information publicly,” Castelli said. “I’ve Googled it, too, and my meeting room doesn’t show online so I don’t know how [the Zoombomber] got it.”
The hijacking incidents have become so common the FBI issued guidance to Zoom users on “exercising due diligence and caution” when using any video conferencing platform.
Among its recommendations, the bureau suggested requiring a meeting-specific password, using the waiting room feature to control the admittances of guests and ensuring users have the most updated version of the application.
“In January 2020, Zoom updated their software,” the FBI said in its statement. “In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.”
As of April 4, Zoom enabled passwords and waiting rooms by default.
Accounting instructor Castelli lamented the situation.
“It’s already such a stressful time, and people at the JC are doing everything they can to get through their studies,” she said. “It’s kind of kicking people when they’re down, which is not a cool look on anyone.”
