For those of a certain age, you may remember the old gag where you would call up a business and ask if they had “Prince Albert in a can.” This happened way back in the days when you could purchase loose tobacco in a tin can. Prince Albert was one such product.
Now, if the person on the phone answered yes, you could say, “Well, let him out!” Yes, this is what pranks looked like in the 1960s.
Fast forward 40 years, and the pranks aren’t so harmless. They have, in some cases, even turned deadly.
Swatting is a rather new innovation, often used by gamers to intimidate and harass other gamers or even gaming companies, as we’ll learn about later in the post. It involves sending police to a location based on a false claim of someone using a gun or threatening violence.
These days, cyber criminals are taking it a step further and using it to target businesses and their employees to attempt to intimidate those businesses into paying for the attackers to stop.
Let’s get a little deeper into the definition of swatting, find out how these criminals can obtain the information they need to do this, and, of course, we’re going to talk about how you can prevent swatting at your organization.
What is swatting in cyber security?
Swatting is simply the act of obtaining a person or organization’s address and making a claim that causes law enforcement to respond with SWAT teams to respond to what is a nonexistent threat.
Swatting has become incredibly common, even to the point that there are new classes of the act that include celebrities, political figures, and people who swatters just hate for some reason.
Recently, the attacks have been expanding to include executives and board members of businesses, compelling many cyber security departments to start taking action against these threats.
How do swatters gather information?
In this article, Chris Pierson, the Founder and CEO of BlackCloak, told CSO, “What we’re seeing right now is very different. It’s a coordinated precision attack against corporate executives.”
After gathering information on who’s who from company websites, LinkedIn, and other business directories, swatters can then use other online tools to identify phone numbers and even the addresses of these people.
They can then call the police and tell them that there is a hostage situation at that address, that there has been a murder, or some other dire threat.
In the same article above, Pierson says, “We are seeing it with much more frequency… the trend is unnerving.” Even more unnerving is that Pierson can point to no particular reason for these events.
“We don’t know what the motivation is. It could be things associated with current events, or it could be to cause chaos,” he says. “But we don’t have a definitive motive.”
In another article that Pierson wrote himself, he notes that while “the surge in the swatting crimewave began in early October 2022 [it] has escalated significantly since the start of this year (2023).” He also goes on to say that the attacks no longer appear random but instead seem “organized and purposeful.”
Multiple industries, including healthcare, pharmaceuticals, insurance, and others, are being targeted, with hackers concentrating most of their attacks in Boston, Chicago, San Francisco, and Los Angeles.
That said, these are not the only places where the attacks are being carried out, so it’s crucial to start preparing for your defense against swatting attacks no matter where you live.
Recent Swatting Incidents
While each swatting incident is a cowardly, despicable act, few have been as upsetting as the recent incident involving the Seattle-based Fred Hutchinson Cancer Center and its patients.
Criminals were able to breach the hospital's systems by exploiting a vulnerability in Citrix and obtain the information of approximately 1 million current and former patients of the hospital.
With that information in hand, cyber criminals contacted at least 300 people and told them that if they did not pay $50 to have their information removed from dark information lists, they would call 911 and report an incident at their home.
Obviously, those responsible for cyber security in healthcare are battening down the proverbial hatches to prevent further incidents of this kind.
In an incident from November 2020, 22-year-old Yanni Ouahione, upset that he’d been banned from playing Rainbow Six: Siege more than 80 times, called in a hoax at Ubisoft’s Montreal headquarters.
Believing there to be a hostage situation in progress, police carried out a major operation with the staff of the office barricading themselves on the rooftop while SWAT teams swept the building. They found no evidence of wrongdoing, and ultimately, the swatter was sentenced to community service.
And proving that no one is immune to swatting, someone called 911 in January 2020, claiming that there was a fire at the White House and that someone was trapped inside.
In May 2023, the FBI finally began tracking these incidents earnestly, creating a national database. We can only hope that they manage to change something as a result.
How to prevent swatting
Whether you’re a gamer, a person working in cyber security in healthcare, someone who is an executive at a corporation, or anyone else who is vulnerable to the potential of being swatted (read: everyone), there are steps that you can take to reduce your susceptibility. Here are a few of them:
- Reduce the amount of personal information you share online. Remove your location from your profiles. Don’t share home or work address online. Avoid oversharing on those social profiles. You’d be surprised how easy it is to figure out where someone is with just a picture and a few more details.
- Create strong passwords. Anyone who has been through cyber security awareness training knows that using strong passwords with multi-factor authentication is imperative. This reduces the chance of hackers accessing information they can exploit for a swatting attack.
- If you see something, say something. Swatters will often use phishing attacks that aim to extract vital and personal information that they use to find your location. If you know anything suspicious, contact your cyber security team or any authorities who can help you stop an incident before it starts.
- Know how to use your privacy and security settings on every device you use to access the internet. Do the same with any of your social media accounts. This is especially true of location services that some social media platforms enable automatically.
Can swatting happen to me?
We are all vulnerable to swatting attacks. It’s a sad reality of modern life. The ability to access personal information in combination with a desire to create chaos and hurt people is akin to keeping dynamite in the same storage room as boxes of matches. Eventually, this precarious situation could lead to severe consequences.
However, if you do everything you can to keep your personal information safe from prying eyes, you can rest easy knowing that you’ve eliminated a potential threat. We want you all to be safe, and we’re happy to help you understand more about how to prevent swatting attacks from happening to you. Be safe!
Are you doing all you can to prevent a swatting incident?
Get a free trial of our phishing simulator and put yourself and your organization to the test!