Security Reporter Raided By SWAT Team After Someone Put In A Bogus 911 Call
from the hazards-of-the-job dept
Brian Krebs is a phenomenal online security reporter who’s been deeply involved in many stories concerning underground hacking issues, from spam to credit carding and many other such issues. As someone who explores that world, he’s been subject to various attacks, including regular DDoS attacks on his website (he now works with a company that helps protect against such attacks). However, things got taken to another level yesterday. First, that anti-DDoS company, Prolexic, received a forged letter, pretending to come from the FBI, asking it to stop hosting the site. Then, something much bigger happened. As Krebs was getting ready for a small dinner party at his house, he walked out his front door and discovered a bunch of police officers with guns pointed at him. He’d been “swatted,” — the term for tricking a SWAT team into raiding a house based on bogus info.
“As soon as I open the front door, I hear this guy yelling at me, behind a squad car, pointing a pistol at me saying: ‘Don’t move. Put your hands up,'” Krebs, who is a long-time friend and colleague, told me. “The first thing I said was: ‘You’ve got to be kidding me.'”
In all, there were at least a dozen officers with pistols, shotguns, and assault rifles pointed at him. They had police dogs circling his house and cruisers had sealed off a nearby street. Krebs, who was dressed in just gym shorts and a T-shirt, complied. Wisely.
“Two different guys were barking orders at me,” he continued. “I finally said: ‘Which way should I go?'” One officer told Krebs to lie on the ground, but before he could comply the other cop ordered Krebs to walk backwards. Eventually, “they put the cuffs on me and took me up the street. I was freezing the whole time.”
Someone had made a call to the police, pretending to be Krebs, and claiming that “he was hiding in a closet after Russian thieves had broken into his home and shot his wife.” And the police sent the SWAT team.
Why? Krebs suspects it was a response to a an article he had just posted, which highlighted a Russian website that was used to get easy and cheap access to credit reports (one interesting tidbit, is that he suggests that people are abusing the federally mandated free AnnualCreditReport.com site, which was supposed to reduce identify fraud, but may actually be enabling much more of it). Krebs figures that the people behind that site weren’t too happy about the exposure, and tried to send him a message.
Of course, if law enforcement officials weren’t so eager to rush in with a SWAT team, such issues might have been avoided as well. In fact, Krebs notes that he warned his local police agency of the possibility of such a thing happening about six months ago, but apparently no one bothered to check on that bit of info until later.
After about five minutes in custody, Krebs explained that he was the victim of a monstrous crime known as swatting. One of the officers asked if Krebs was the person who had filed a report a few months earlier. When Krebs replied yes, the officers did a quick search of his home. With preparations for a dinner party clearly on display, it quickly became apparent that Krebs’ home was not a crime scene and that the call was part of a fiendish plot. An officer told him later that they had tried calling him before he opened his front door but no one had answered the phone.
As Krebs notes, these are situations where it makes little sense for local law enforcement to rush into these things where they may not understand what’s going on.
Often local police are left to investigate, even when the perpetrators may be half a world away. He wants that to change. “Your local police department, the ones that are responding to these distress calls, they don’t have the bandwidth,” he said. “This is an area where federal law enforcement needs to be coordinating investigations. I’d like to see some sort of recognition or statement from federal law enforcement that this is something they’re actively investigating.”
Of course, I’m not sure how well that would have worked in this case, since the caller suggested it was a local crime issue. Still, hopefully Krebs’ situation raises some questions about the eagerness to send in the SWAT team, though given just how common bogus SWAT team raids have become, it seems doubtful that yet another example of a bogus raid will lead to any real change.
Filed Under: brian krebs, credit reports, ddos, hacking, security, swat team, swatting
Comments on “Security Reporter Raided By SWAT Team After Someone Put In A Bogus 911 Call”
I sure the FBI would not be to keen on people send web hosts secret threatening letters, as after all that is there job.
I believe the pranksters are actually helping the police in this instance, since eventually they will need to do something about it to actually get it right.
Hint: Making it illegal will not stop those things from happening, since the people doing it can coordinate those pranks with people outside the country.
Re: Re:
Re: Re:
Actually it is already unlawful to make a false police report. However it is not probably something that you could be deported from, for instance, Russia.
Illegal is a sick bird.
“Hint: Making it illegal will not stop those things from happening, since the people doing it can coordinate those pranks with people outside the country.”
Hint: filing a false report with the police is already illegal.
Prank!?
Why are people calling this a prank!? It’s not a prank when heavily armed police officers are involved!
Re: Prank!?
Maybe it should be called a crime instead of a prank.
Who will be the first per4son murdered by proxy through a swatting incident?
If only SWAT teams were as smart and as perfect as Mike.
Re: Re:
You mean due-diligent?
If they actually called don’t you think the guy would have answered? How about phone records to prove they actually called?
Oh you were just commenting nonsense, OK, gotcha.
Re: Re: Re:
Or better yet, how about knocking at the door or looking in the window to notice someone vacuuming? Odd concept huh?
Re: Re: Re: Re:
He came out when they were still at their cars. Presumably they had just arrived.
/
Serves Mr. Krebs right for writing about hacking. Surely he is involved in some shady stuff.
He clearly does not respect authority and did not do what the officers told him. They should have taken him out right there, no questions asked.
Doesn’t he know we are at war right now? Cyber War is the biggest threat ever, bro.
Lock him up.
Re: /
That’s a bit harsh. It isn’t like he downloaded thousands of documents from MIT servers.
So what
I can’t see the SWAT team did anything wrong in this beyond a little confusion in the suspect apprehension. The Police are charged with investigating possible crimes and sure that may lead to the occasional false arrest or detainment.
Better a case like this then some intruder shooting up his family with the Police doing nothing when he said previously they should just ignore such things.
So now they only need to find who did the prank call and to charge them with wasting Police time.
Re: So what
I agree that the SWAT team itself appeared to act correctly.
However, a system that sends a SWAT team to a residence on the basis of only a phone call is a system that is broken. Deploying a SWAT team is a major act of aggression, and it should be done cautiously.
No, charge them with filing a false report. I don’t think “wasting Police time” is the harm that came out of this. It’s the deployment of defacto military force against an innocent citizen that is the harm.
Re: Re: So what
Back in the day, Andy and Barney would have gone over to the house and knocked on the door.
Oh, and Sarah probably would have called over to make sure everything was OK, maybe have even called the next door neighbor to see if they had noticed anything.
Cant justify billion dollar budgets with that kind of police work.
Re: So what
The police should have, or be able to get the location of the caller. Also did they check where the call was coming from before reacting?
Re: Re: So what
With the advent of VoIP, it’s been quite easy to fake the calling number and caller id. Tracking down the source of the call means using CALEA records and subpoenas to get access to the phone records from the switch provider. If the soft switch is located in country X, it’s going to be a very long battle to get the records. Doing all of this before a dispatch, well that doesn’t sound feasible.
Best bet, as suggested before, would be to call in local police to scope out the situation before sending in the SWAT to bash down doors.
Re: So what
I thought you meant soswatted !
Re: So what
The little confusion in the suspect apprehension was very dangerous, as obeying one officer could get you shot by another officer. That is a situation where someone should be nominated to issue orders to the suspect before they get there.
Re: Re: So what
You mean like a chain of command? Novel idea. 😉
Re: Re: Re: So what
More likely failing to assign a commander when two groups were combined; local/fed or similar.
If we're going to send drones abroad anyway...
…why can’t we drop a Hellfire missile or two on the source of an extra-national SWATting?
I bet that the people willing to spoof a SWAT team onto an enemy will get kinda scarce once word gets around about people being blown up by armed drones the next day…
Maybe Chris Dodds will get a visit from the SWAT team for his involvement with shutting down Megaupload without due process but that will never happen and if it did then it will be going too far.
“Someone had made a call to the police, pretending to be Krebs, and claiming that “he was hiding in a closet after Russian thieves had broken into his home and shot his wife.” And the police sent the SWAT team.”
Perhaps they should have sent a meter maid in this circumstance…
This is not going to be a good year for the government.
NSL’s were found to be unconstitutional by a lower court and now they have 90 days to appeal to the ninth circuit and a judge ordered the CIA to end the silence on the killer drones by UCLA.
While unfortunate, I’d feel pretty good about my local police force coming in like the fucking cavalry in such circumstances. If Russians really had shot your wife and you were hiding in the closet (ignoring the unmanly aspects of this), having a SWAT team at the door would be pretty awesome.
THERE'S AN AMBER ALERT
IN MY PANTS!
Mike, I think the point Krebs is trying to make is that, right now, if someone files a false report with the police, it’s the local police that investigates. For “swatting” it should be passed up the line to federal authorities – especially since if it’s done through VOIP or international phone systems it’s going to be outside the reach of a local police force. (Also: since swatting is eventually going to get somebody killed, we might as well start tracking known swatters on a national level.)
“Your local police department, the ones that are responding to these distress calls, they don’t have the bandwidth . . .”
Whatthefuck does that even mean?