In Friday's incident, a member of Dutch Defense Minister Ank Bijleveld's staff tweeted a picture containing the web address of the meeting. The URL displayed the meeting ID and five of the six digits needed to access the meeting. After receiving a tip about the vulnerability, Verlaan and a political reporter at RTL contacted the Dutch government and were told the meeting was still secure because the Council verified specific participants via webcam before allowing them to join, he said.
Verlaan decided to call the bluff. "I entered the URL, clicked okay and saw a screen asking for a pin code. The first five I knew, I entered them and added a '1,' then a '2' and eventually I bumped into the meeting," he said. Footage obtained by POLITICO showed Verlaan in a large window at the top of the videoconference screen, dressed in a black T-shirt, grinning and waving to the ministers — some of whom laughed off the breach — as EU foreign policy chief Josep Borrell told him in a brief exchange he should leave immediately.
Yep, the mighty defense ministers of the European Union couldn't figure out how to kick someone out of their top secret meeting. The reporter had to hang up. Now that's top notch security!
So what does NSG think of teleconferencing security in the digital age, and of this incident in particular? I think that we need to step it up a notch, because video-conferencing is becoming the new normal, and we should feel safe to discuss sensitive topics with our friends and/or colleagues.
