Swatters Hack Smart Devices

In a recent spate of swatting attacks, perpetrators have hijacked smart gadgets to watch or live stream the bad joke unfolding and engage the responding officers. Hackers have live-streamed police raids on innocent households after hijacking their victims' smart home devices and making a hoax call to the authorities, the FBI has warned.

These events are the latest escalation of a crime known as "swatting", in which offenders fool armed police or other emergency responders to go to a target's residence.

The US Federal Bureau of Investigation confirms that pranksters are hijacking weakly-secured smart devices in order to live-stream swatting incidents. It said offenders had even spoken to responding officers via the hacked kit.

Swatting has origins in prank calls to emergency services and over the years, callers used increasingly sophisticated techniques to direct response units of particular types. In particular, attempts to have SWAT (US Special Armed Police using special weapons and tactics) teams be dispatched to particular locations spawned the term swatting.

Swatting is a criminal tactic of deceiving an emergency service into sending a police and emergency service response team to another person's address. This is triggered by false reporting of a serious threat. In a statement the FBI said  "Recently, offenders have been using victims' smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks"

To counteract the rising number of swat cases, FBI officials are now working with technology vendors to advise customers on how they could select better passwords for their devices. Furthermore, the FBI said it's also working to alert law enforcement first responders about this new swatting variation. 

Determining a fake emergency call is not always a simple task. Sometimes, offenders spoof the victim's phone number to increase credibility, so the dispatch officer has no reason to suspect a hoax.

Swatting is a criminal offense punishable by fines and prison time as it is considered a public safety issue. The FBI has first warned of this phenomenon since 2008, although it had started much earlier. In 2009, one swatter received more than eleven years in prison for using the tactic to harass various individuals. Another, involved in the 2017 Wichita swatting incident that ended with one individual being fatally shot.

Oodaloop:        Bleeping Computer:        ZDNet:       BBC

You Might Also Read: 

Connected Devices Must Be More Secure:

 

« UAE Creates A Cyber Security Company With Israeli Partners
Healthcare Is The Prize Target For Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Optiv

Optiv

Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

CTM360

CTM360

CTM360 is a unified external security platform offering 24x7x365 Cyber Threat Management for detecting and responding to cyber threats.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Absa Cybersecurity Academy

Absa Cybersecurity Academy

Absa Cybersecurity Academy is an initiative aimed at empowering marginalised South African youths to become certified cybersecurity specialists.

Rede Nacional CSIRT

Rede Nacional CSIRT

Rede Nacional CSIRT is a national network of CSIRTs in Portugal aimed at cooperation and mutual assistance in the handling of incidents and in the sharing of good security practices.

Aite-Novarica Group

Aite-Novarica Group

Aite-Novarica's Cybersecurity practice provides ongoing research and advisory services to chief information security officers focused on protecting their companies’ assets.

RAND Corporation

RAND Corporation

The RAND Corporation is a non-profit institution that helps improve policy and decision making through research and analysis.

Secora Consulting

Secora Consulting

Secora Consulting is a professional services company specialising in tailored cybersecurity assessments and cyber advisory services.

Cygna Labs

Cygna Labs

Cygna Labs is a software developer and one of the top three global DDI (DNS, DHCP, and IP address management) vendors.

Brightside AI

Brightside AI

Brightside AI is a Swiss cybersecurity SaaS that helps teams combat AI-enabled phishing threats. Protect your team today.

Adaptiva

Adaptiva

Adaptiva, the autonomous endpoint management company, delivers the fastest way to patch and manage endpoints at scale.

Alpha Echo

Alpha Echo

Specialising in security advice and enterprise-wide Cyberworthiness, Alpha Echo helps Australia deliver on cyber outcomes at a military grade level.

Seers

Seers

Seers is the world’s leading privacy & consent management platform for companies worldwide. Trusted by over 50,000+ businesses.