A recent swatting incident, where a malicious actor fooled emergency services into responding to a fake shooting,...
reportedly led to the death of an innocent man in Kansas. What technical means do these actors use to trick police, and what can be done to improve emergency response infrastructure/telecommunications to prevent swatting attacks?
Swatting involves a malicious actor using a spoofed voice over IP (VoIP) address to call a nonemergency line and ask the operator or system for transfer to the 911 line. The malicious actors can use VoIP numbers that appear to be in the targeted locations of their intended victims. Anonymity through VoIP doesn't allow direct connection with the 911 line. Calling 911 on a personal phone connects to local emergency services and reveals the caller's identity and location.
Shortly after a swatting attack resulted in the death of an innocent victim, several people associated with a Twitter account called SWAuTistic came forward publicly and privately with the swatter's true identity and location. Twitter shut down the account due to swatting statements from the account holder. The swatter was later arrested and charged with involuntary manslaughter.
Currently, there are no technical workarounds that can help emergency services verify that a 911 call is authentic. To improve emergency response infrastructure/telecommunications, local and state police should be trained on swatting mitigating strategies as outlined in the document from The New Jersey Cybersecurity and Communications Integration Cell.
The mitigation strategies include indicators that the police could use to identify potential swatting incidents. An important indicator is that, in a swatting attack, the spoofed call is the only incoming call. During an actual shooting scenario, witnesses or victims make multiple 911 calls.
New regulations and standards could be a good way to prevent swatting attacks in the future. Local and state police should seek federal grants for assistance with swatting attack training.
Unfortunately, the Cybercrime Enforcement Training Assistance Act that was introduced by U.S. Congresswoman Katherine Clark (D-Mass) in 2016 was not enacted. The bill would have directed "the Attorney General to make grants to States and units of local government." This bill or a similar version should be reintroduced and enacted to prevent incidents like the Kansas swatting case.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Dig Deeper on Emerging cyberattacks and threats
Related Q&A from Judith Myerson
An exploit code for Dirty COW was accidentally shipped by Cisco with product software. Learn how this code ended up in a software release and what ... Continue Reading
Cisco's Webex Meetings platform had to be re-patched after researchers found the first one was failing. Discover what went wrong with the first patch... Continue Reading
The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.