What Is Swatting?
Swatting is a term used to describe the action of making hoax phone calls to report serious crimes to emergency services. People who carry out a swatting prank call aim to fool emergency services into sending a Special Weapons and Tactics (SWAT) team to respond to the supposed emergency.
So-called swatters will falsely report major events like bomb threats, hostage situations, and murders to encourage the most serious response from emergency services. As a result, swatting has resulted in several deaths of people innocently targeted by SWAT teams.
How Does Swatting Happen?
Swatting incidents typically occur when an attacker has gained access to their victim’s personal information, such as their home or work address, which they are likely to obtain through one of these processes:
Computers, gaming consoles, and mobile phones offer an option for users to enable location services, which allows the device to access their location to offer a more personalized experience. This can make the user’s location accessible and visible to other people, which could enable an attacker to see their home address.
With doxing, cyber criminals publish people's personal information on the internet. Doxing often involves information being gathered by hacking personal accounts and accessing public databases and social media platforms.
Over-sharing personal information on websites or social media platforms is a common method for people's home addresses falling into the wrong hands. Sharing home addresses online poses a major risk of swatting.
Every internet user has a unique Internet Protocol (IP) address allocated to their personal device and home or work network. While this enables them to access the internet and communicate with other computers, the IP address should be private. However, attackers do have means of finding IP addresses, which can reveal further personal information.
Why Do People "SWAT" Others?
Swatting is often intended as a prank but can have serious consequences when SWAT teams respond to them. Other swatters carry out sophisticated, targeted attacks in which they use software to hide their identity and location.
Anyone can fall victim to swatting, with reported incidents targeting celebrities and public figures. But most incidents have targeted people in the online gaming community and people taking part in gaming livestreams, as the attacker is able to watch events unfold on their stream. The U.S. government has acted to prevent swatting by imposing serious penalties, including life in prison, on anyone caught carrying out the attacks.
Examples of Swatting
There have been several high-profile examples of how serious swatting attacks can be. These include:
Black Lives Matter Los Angeles
In August 2020, the home of Black Lives Matter activist Melina Abdullah was surrounded by Los Angeles police. The co-founder of Black Lives Matter Los Angeles livestreamed a situation that saw armed officers surround her home. It soon emerged that the incident was a swatting attack in which a caller reported a false hostage situation “to send a message.”
One of the most high-profile swatting cases involved Los Angeles resident Tyler Barriss making a false claim against Andrew Finch, in Kansas, in 2017. Barriss made a hoax call to emergency services, reporting Finch for killing a member of his family and holding two others hostage. Police arrived at Finch’s house and shot and killed him. Barriss was arrested and given 20 years in prison.
Sergey Vovnendo vs. Krebs
In 2013, Ukrainian hacker Sergey Vovnenko sent heroin to the home address of cybersecurity blogger Brian Krebs via dark web site Silk Road and the U.S. Postal Service (USPS). The hacker attempted to get the blogger arrested for drug possession by sending him the drugs then reporting it when the package arrived at his address.
However, the plot failed and the hacker was later sentenced to 41 months in prison for his role in an unrelated international hacking conspiracy.
Notable Swatting Statistics
Putting a figure on swatting cases is difficult because swatting is not classified as a specific category in the crime statistics database of the Federal Bureau of Investigation (FBI). However, a former FBI special agent has revealed that swatting cases more than doubled from 400 in 2011 to over 1,000 in 2019.
How To Prevent Swatting
While the act of swatting itself is difficult to stop, there are steps users can take to avoid becoming a victim. This includes using a firewall to ensure web application security and preventing spoofing or Structured Query Language (SQL) injection attacks.
Simple processes and best practices users can take to prevent swatting include:
Users can prevent swatters from gaining access to their personal information by enforcing strict privacy and security settings on their devices and social media accounts. They should also take time to regularly check the safety and security settings on their email and social media profiles, especially when they get a new computer or mobile phone.
Switch Up Your Passwords
Regularly changing passwords, in addition to using strong, unique passwords for online accounts, is crucial to avoiding swatting attacks. This ensures that, even if an account gets compromised, the attacker will not be able to use the same password to access other accounts. As a result, it lowers the risk of swatters discovering users’ personal information.
Turn On Two-factor Authentication (2FA)
Using passwords alone is not enough to secure online accounts. Users should add an extra layer of security to their accounts by using 2FA, which requires them to verify their login activity by entering a code that is sent to their personal device.
Internet users need to avoid oversharing personal information on social media and public websites to prevent the threat of swatting. This prevents information like users’ home and work addresses from getting into the wrong hands. It is also important to be mindful of whether information shared on social media could be used by attackers to understand users’ location or piece together identity attacks.
What To Do Once You Are Swatted
In the event an attacker is able to launch a swatting attack, follow this three-step process:
A swatting incident can lead SWAT teams to think they are dealing with a serious emergency. They could interpret any sudden actions and movements as being hostile and may be more likely to fire their weapons. It is therefore important to remain calm, which will in turn lead to authorities responding in the same manner. A good example of this is the calm response of Black Lives Matter activist Melina Abdullah.
A swatting attack can lead to tense and scary events for both the victim and law enforcement responders. This may cause responders to search the house or temporarily handcuff any individuals they find on the property. While this may lead to agitation, it is important to cooperate with officers, follow their instructions, and calmly explain the situation.
Swatting is taken very seriously because it is a huge time and cost expense for authorities’ emergency response teams and can result in unnecessary casualties. Swatting victims need to file a report then press charges against the person that initiated the event.
How Fortinet Can Help
The Fortinet SWAT product helps internet users avoid swatting by keeping their IP address hidden with virtual private networks (VPNs). A VPN is crucial to securing small and medium businesses and individual users. It establishes encrypted, private, and secure internet connections that avoid public Wi-Fi and ensures privacy and anonymity on the public internet. This hides personal information, ensuring that users’ browsing history, IP address, location, and web activity cannot be intercepted by cyber criminals looking to commit swatting attacks.