Swatting is a cyber harassment technique with a goal of sending an armed emergency response team to a victim's location.
After reading this article you will be able to:
Copy article link
Swatting refers to a harassment technique most often perpetrated by members of the online gaming community. Swatting entails generating an emergency law enforcement response against a target victim under false pretenses. Swatters do this by making phone calls to emergency lines like 911 and falsely reporting a violent emergency situation, such as a shooting or hostage situation.
Swatters often consider what they are doing to be a prank, but it can come with serious consequences. Swatting occupies law enforcement response teams, making them unavailable to respond to real emergencies. There have even been swatting incidents where law enforcement officers were shot, and in one case the victim of the swatting was shot dead by law enforcement.
In recent years, the US has tried to dissuade swatters by imposing serious penalties for the perpetrators, but swatting continues to be an issue. Swatting is often hard for law enforcement to address, since many swatters use sophisticated techniques to hide their identity. Swatters disguise themselves using techniques like caller ID spoofing, where they utilize software to make it appear as though they are a local caller when they could be anywhere in the world.
By and large, both the perpetrators and victims of swatting are players of online games such as Call Of Duty, Counter Strike, and DOTA. Swatters use social engineering and doxing* tactics to gather personal information about rival gamers.
In some cases celebrities have also been targeted by swatters, including Rihanna and Justin Bieber. Some of the politicians who have introduced legislation to crack down on swatting have also been targeted by swatters as a form of retaliation.
Brian Krebs, a journalist who specializes in reporting on cyber security and exposing cybercriminals, has been swatted multiple times by attackers around the world, including one particularly nefarious attack where a hacker arranged to have heroin delivered to Krebs’ home right before the police response team arrive in an attempt to frame him for drug charges. Several of the swatters who targeted Krebs have since been arrested on cyber crime charges.
*Doxing (or doxxing) is the practice of researching someone’s personal information such as identity, address, and phone number for the purpose of sharing that information publicly. The goal of doxing is to disrupting the victim’s privacy.
While everyone should be careful to maintain their online privacy, online gamers should take extra care to ensure they won’t be victims of swatting. For starters, gamers should avoid divulging information about their identity or location on in-game chat channels or gaming forums. They should also avoid using screen names that would make it easy for strangers to identify them. Gamers can take further precautions and hide their IP address using a service like a VPN, this will ensure that a potential swatter won’t be able to locate them based on their IP address.
In 2018, Seattle's police department created a "swatting registry": a list of names and addresses of people who self-report that they could be at risk for a swatting attack. When the police receive a 911 call targeting someone added to the registry, they know to investigate before sending a full SWAT team. Police in Wichita have implemented a similar approach. While this practice is still not widespread, swatting registries are one way that police departments have attempted to combat this problem.
About web application security
Learning Center navigation