Skype for Business and Lync servers have recently been the target of “attacks”, or rather exploits, where the attacker joins a non-expired meeting and from there uses the dial-out feature to make thousands of calls, resulting in gigantic bills from the telco.
What happens is that attackers find
The most prominent source of attacks is people from outside the org getting their hands on links to meetings that haven’t yet expired, or even to recurring meetings that never expire.
There are several ways of getting to these links: through public search engines, via hacked O365 mailboxes, or through remote access to the client computer.
The issue with meeting URLs in public search engines was fixed in December 2017, so if you have not installed that patch yet, better get to it.
- You schedule a Microsoft Skype for Business meeting
- The meeting URL is posted somewhere publicly online
When you create a new Skype for Business meeting, you decide who gets into the meeting directly, and who waits until you let them in. We recommend that you change these options for large meetings, or when you have confidential or sensitive info. You can set the following options in a new Skype for Business meeting by clicking Meeting Options on the Meeting tab.
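
The dial-out abuse described at the top of this post leaves a recognisable trace in call records: a single meeting producing a burst of outbound PSTN legs. The following is an added example, not code from the original post or from Microsoft; the CSV column names, sample rows and thresholds are constructed assumptions to adapt to your own CDR or billing export.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one row per PSTN dial-out leg placed from a meeting.
# Column names are assumptions; map them to your own CDR or billing export.
SAMPLE_CDR = """conference_id,started,initiator_authenticated,dialed_number
weekly-sync,2018-01-15T09:00:05,true,+15550100
weekly-sync,2018-01-15T09:01:10,true,+15550101
old-recurring,2018-01-16T02:10:00,false,+15550150
old-recurring,2018-01-16T02:10:20,false,+15550151
old-recurring,2018-01-16T02:10:41,false,+15550152
old-recurring,2018-01-16T02:11:02,false,+15550153
old-recurring,2018-01-16T02:45:00,false,+15550155
"""

def load_legs(text):
    """Parse the export into dicts with a typed timestamp and anonymity flag."""
    return [{"conf": r["conference_id"],
             "ts": datetime.fromisoformat(r["started"]),
             "anon": r["initiator_authenticated"].strip().lower() != "true",
             "number": r["dialed_number"]}
            for r in csv.DictReader(io.StringIO(text))]

def find_dialout_bursts(legs, window=timedelta(minutes=5), max_legs=3):
    """Flag meetings with more than max_legs dial-outs inside any sliding window."""
    by_conf = defaultdict(list)
    for leg in sorted(legs, key=lambda leg: leg["ts"]):
        by_conf[leg["conf"]].append(leg)
    findings = {}
    for conf, items in by_conf.items():
        start = peak = 0
        for end, leg in enumerate(items):
            # Advance the left edge until the window spans at most `window`.
            while leg["ts"] - items[start]["ts"] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak > max_legs:
            findings[conf] = {
                "peak_legs_in_window": peak,
                "total_legs": len(items),
                "distinct_numbers": len({i["number"] for i in items}),
                "anonymous_legs": sum(i["anon"] for i in items),
            }
    return findings

if __name__ == "__main__":
    print(find_dialout_bursts(load_legs(SAMPLE_CDR)))
```

A meeting that is flagged with mostly anonymous legs and many distinct numbers is a candidate for immediate expiry of the meeting link and a review of who holds it.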