Swatters Hack Smart Devices

Uploaded on 2021-01-08 in TECHNOLOGY--Hackers, FREE TO VIEW

In a recent spate of swatting attacks, perpetrators have hijacked smart gadgets to watch or live stream the bad joke unfolding and engage the responding officers. Hackers have live-streamed police raids on innocent households after hijacking their victims' smart home devices and making a hoax call to the authorities, the FBI has warned.

These events are the latest escalation of a crime known as "swatting", in which offenders fool armed police or other emergency responders to go to a target's residence.

The US Federal Bureau of Investigation confirms that pranksters are hijacking weakly-secured smart devices in order to live-stream swatting incidents. It said offenders had even spoken to responding officers via the hacked kit.

Swatting has origins in prank calls to emergency services and over the years, callers used increasingly sophisticated techniques to direct response units of particular types. In particular, attempts to have SWAT (US Special Armed Police using special weapons and tactics) teams be dispatched to particular locations spawned the term swatting.

Swatting is a criminal tactic of deceiving an emergency service into sending a police and emergency service response team to another person's address. This is triggered by false reporting of a serious threat. In a statement the FBI said  "Recently, offenders have been using victims' smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks"

To counteract the rising number of swat cases, FBI officials are now working with technology vendors to advise customers on how they could select better passwords for their devices. Furthermore, the FBI said it's also working to alert law enforcement first responders about this new swatting variation. 

Determining a fake emergency call is not always a simple task. Sometimes, offenders spoof the victim's phone number to increase credibility, so the dispatch officer has no reason to suspect a hoax.

Swatting is a criminal offense punishable by fines and prison time as it is considered a public safety issue. The FBI has first warned of this phenomenon since 2008, although it had started much earlier. In 2009, one swatter received more than eleven years in prison for using the tactic to harass various individuals. Another, involved in the 2017 Wichita swatting incident that ended with one individual being fatally shot.

Oodaloop:        Bleeping Computer:        ZDNet:       BBC

You Might Also Read: 

Connected Devices Must Be More Secure:

 

« UAE Creates A Cyber Security Company With Israeli Partners
Healthcare Is The Prize Target For Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

Progress Flowmon

Progress Flowmon

Progress Flowmon (formerly Flowmon Networks) provide high performance network monitoring technology and behavior analytics to enhance network performance and deal with cyber threats.

AVG Technologies

AVG Technologies

AVG is focused on providing home and business computer users with the most comprehensive and proactive protection against computer security threats.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Gradcracker

Gradcracker

Gradcracker is THE careers website for Science, Technology (including Cybersecurity), Engineering and Maths university students in the UK.

SensorHound

SensorHound

SensorHound’s mission is to improve the security and reliability of the Internet of Things (IoT).

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Cyber Science

Cyber Science

Cyber Science is the flagship conference of C-MRiC, focusing on pioneering research and innovation in Cyber Situational Awareness, Social Media, Cyber Security and Cyber Incident Response.

Across Verticals

Across Verticals

Across Verticals is a boutique cyber security consulting firm that specializes in holistic, deeply technical and end to end cyber security advisory services based on industry best practices.

Cloud4C

Cloud4C

Cloud4C is a leading automation-driven, application focused cloud Managed Services Provider.

Cysurance

Cysurance

Cysurance is a next-generation risk mitigation company that insures, warranties and certifies security solutions.

ZAG Technical Services

ZAG Technical Services

ZAG Technical Services is an award-winning information technology consulting firm delivering digital transformation solutions, IT assessments, managed services, security, and support.

Reco AI

Reco AI

Reco is an identity-centric SaaS security solution that empowers organizations with full visibility into every app, identity, and their actions to control risk in their SaaS ecosystem.