November 19, 2015

A bill introduced in the U.S. House of Representatives on Wednesday targets “swatting,” an increasingly common and costly hoax in which perpetrators spoof a communication to authorities about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force.


The Interstate Swatting Hoax Act of 2015, introduced by Rep. Katherine Clark (D-Mass.) and Rep. Patrick Meehan (R-PA), targets what proponents call a loophole in current law. “While federal law prohibits using the telecommunications system to falsely report a bomb threat hoax or terrorist attack, falsely reporting other emergency situations is not currently prohibited,” reads a statement by the House co-sponsors.

To address this shortcoming, the bill “would close this loophole by prohibiting the use of the internet telecommunications system to knowingly transmit false information with the intent to cause an emergency law enforcement response.”

“In recent years, swatting has become a widely used tool for online harassers to attack journalists, academics, domestic violence survivors, and celebrities,” the lawmakers wrote. “Perpetrators locate victims’ private information online and use technology to conceal their identity as they contact emergency responders.”

Fairfax County Police outside my home on 3/14/13

Fairfax County Police outside my home on 3/14/13

As the target and victim of multiple swatting hoaxes, I support efforts to crack down on this dangerous crime, which wastes public resources, unnecessarily endangers lives, and diverts first responders away from real emergencies.

However, the bill doesn’t and can’t address a big part of the swatting problem: A huge percentage of those involved in swatting are under the age of 18, and the federal justice system simply isn’t built to handle juvenile offenders. As a result, most cases of youths detained for swatting are handled by state and local authorities. Thus, unless more states pass anti-swatting laws, many of these crimes likely will continue to go unpunished.

California, for example, has a law on the books that requires convicted swatters to repay any costs associated with the incident, which can range as high as $10,000. Under the California law, which took effect Jan. 1, 2014, convicted swatters can face up to a year in jail.

34 thoughts on “Federal Legislation Targets “Swatting” Hoaxes

  1. Tony George

    Something has to be done. Law Enforcement must respond to what they perceive to be real emergencies, and wasting time and energy responding to fake ones takes a toll on society as a whole.
    My main concern though is this: What is there to prevent/detect multiple “swattings” sent by would-be terrorists to divert or occupy law enforcement so as to create an ideal target area miles away from the diversion?

    1. Barry Sotero

      Great foresight, Tony! No law will be an obstacle to an out-of-state perpetrator, hiding being a TOR address through a VPN, trying to support an operation like Paris. Imagine how much worse it could’ve been had they tried this prior to the operations!

    2. G

      Yes, I thought of the same thing as I was reading the article. Divert first-responders to a location distant from an actual target.

      Also, draw first-responders to a location that is then targeted by a remotely-detonated bomb or other means of mass murder.

      These kinds of acts could be committed internationally, e.g. terrorist cell has one or two people local to the event, and others in another country placing the calls. In such cases there would be effectively no way to prosecute the callers.

      Ultimately the solution requires partially or wholly disentangling the telephone network from the internet. That would solve a multitude of other cyberthreats at the same time. As for “it can’t be done,” you also used to be able to buy dynamite at the hardware store.

      Convenience and expedience are false gods, and their demands for human sacrifices have become too costly to allow them to continue.

  2. Jonathan Jaffe

    This makes it a federal crime. Sadly, laws only affect the lawful. It won’t stop those who really want to affect you.

    I’d hope your local police know your address and treat calls with a little more thought before initiating a massive response. Police have a balancing act between hurry-up-and-catch-crooks and breaking-down-grandmas-door-in-error and usually the latter gets the press.

    1. BrianKrebs Post author

      +1. There is no substitute for getting to know your local law enforcement. It’s just smart no matter what side of the law you’re on!

      1. Jonathan Jaffe

        Easier for me, out here in the country, than in a major urban area or even a nice suburb. Harder to know your local police in higher population densities like Chicago or New York.

        The growth of SWAT capability may have lead to their use in serving traffic warrants to persons with no history of violence. That isn’t good. Arresting meth lab operators (a problem here abouts) is better suited to their talents.

        I hear Dyre is popping up for Win10 and their improved Edge browser, just in time for the holidays!

        Stay well.


  3. Bruce Hobbs

    The underlying problem is that new technologies are introduced without properly vetting them for security holes. In this case, caller ID has not been set up in a way that is secure; anybody can send anybody else’s phone number when making a phone call.

    The Internet of Things is only going to make this worse as we will have thermostats broadcasting people’s whereabouts to anyone who wants to know on the Internet. We’ll have refrigerators that can be monitored to see if anyone is home. We’ll have so-called smart TVs that will tell hackers which TV shows you watch.

    People involved with Internet standards need to be able to think like hackers. If they need to, hire some white-hat hackers to check the standards. They can start with caller ID, although it may be too late for this one. If so, the authorities are going to have to use caller ID as only one resource to verify where someone is calling from. They will need to include some other technology for location verification that, hopefully, can’t be compromised.

    Passing laws due to stupid people creating new ways to commit crimes is not the answer.

  4. Nikon1

    I totally agree with Bruce Hobbs – Congress needs to make the Telcos / Communications players tighten up the security of Caller ID.

    There are software programs for the smartphones that will spoof any name / number you want to pay for. Purely personal – but nothing annoys me more that to have a local phone number show up on my caller ID – and find that it’s some 3rd world country-based telemarketer trying to sell me some thing / service that I have absolutely no use for!

    1. BrianKrebs Post author

      Most of the swatting attacks I’ve encountered in my reporting started not with caller ID spoofed numbers, but with swat hoaxes that were relayed via AOL instant messenger and TTY (text-to-speech services for the hearing impaired) to emergency responders. I only know of one attack where the swatter called in over a real phone line.

      1. Joe Random

        One would hope that military-style raids would be conducted with extra caution, especially when the information they’re going on isn’t reliable.

      2. Bruce Hobbs

        I’m surprised. I thought that caller ID spoofing was virtually untraceable. Duke Energy customers are getting slammed by scammers and Duke can only sit by and tell people to block certain phone numbers.

        1. Jason R

          E911 services can see the BTN as well as the CID. You can’t spoof the BTN without hacking the teclo itself. As the telcos want to get paid, and it is hard to get paid if you don’t know who to bill, they have the keys to the signalling kingdom locked up ever since the blue boxers.

      3. timeless

        For people who are somewhat curious.

        As with most services, attacks on the system weren’t really considered when the system was designed. But confidentiality was considered essential.

        There are lots of telecommunications bridges out there.

        The Cuckoo’s Egg talks about how bridges were abused in days of old. Things haven’t really gotten better in the time since.

      4. Peter

        With VOIP now supporting the E911 I would think weakly passworded accounts would allow attackers to change the address from the owners location to the SWATTING victims location pretty easily.

  5. Martin Potter

    What is with all these piecemeal laws?? Why not simply make it illegal to falsely report ANYTHING that requires a response from police? By any means, using any technology or none at all, under any circumstances. Then let the courts decide the appropriate punishment in each individual case.

    1. Ambianca

      Ah…the principled approach to governance; how refreshing to see that there are still some individuals who understand its virtues and advantages over the micro-management approach, which balloons the law books, clogs the courts, and justifiably erodes the citizenry’s confidence in government by law.

      Alas, I’m afraid that government by principle is not only a lost art, but it appears that it’s not even recognized as useful any more. For example, in the U.S., the Constitution is constantly under attack. Yet, I wonder how many U.S. citizens know that it was conceived and purposed to be the supreme law of the land. Not enough to keep it safe from erosion by a plethora of micro-managing edicts, apparently.

      Anyhow, you’re right. There’s no good reason why swatting can’t be handled under a more general rubric covering ALL false reports that involve law enforcement or emergency services actions.

    2. Nobody_Holme

      A rape victim reports the crime.

      The accused has a solid (but entirely untrue) alibi the police/cps/da/whatever can’t break.

      The rape victim now faces prosecution.

      This is simply one scenario. For once, government actually IS working logically. Shocking, I know, but there it is.

  6. Stratocaster

    Once it’s illegal, they have to be able to locate and apprehend the bad guys. Teen basement hackers is one issue, but how to catch the Russian cybercrooks whose profitable ox you have just gored is another. Getting to know the local cops is great, which is useful for them identifying hoaxes rather than their showing up with weapons drawn, but there have to be enforceable penalties for the perps.

  7. Fluff bomb

    Why has the cop got a riot shield in front of his legs, should we be calling you Brian ‘shin-kicker’ Krebs?

  8. Edward

    The penalty for swatting should be severe.
    It is really an attempt at murder, and since it is with malice aforethought it is equivalent to an attempt at murder in the first degree.

  9. mark sands

    Question: How many people die from swatting? All those guns, it’s got to go wrong some time. How often?

  10. a

    what if the information comes from an intercept. the people being intercepted know that they are being intercepted, so they can present false information.

    i wonder it the police can accuse you of misleading them. interesting thought 🙂

    1. Jonathan Jaffe

      This is why intelligence sources have ratings for source reliability (A thru F) and information reliability (1 thru 6). A1 is Reliable/Confirmed and it gets less reliable from there.

      The possibility of deliberate dis-information is always a consideration in intelligence gathering. This is why sources and methods are important in evaluating the raw take. Confirmation is essential. This possible non(true) aspect is partly why intelligence materials have a hard time standing up to the rules of evidence.

      In short, just because some lawful listener hears that Brian Krebs is a dealer in kevas and trillium does not make it so.

      the concept at

  11. the hatter

    Great there’s going to be a piece of law to point directly at those calling in the SWAT, but how about some accountability too for the units who barge in bearing deadly force without having done sensible reconnaissance for themselves. I’m sure there’s plenty of small things they can do in a very short period of time which wouldn’t affect the outcome for situations where they should be there, but would stop a lot of the overstepping SWAT do both in swatting cases and when they’re being overused on regular police business..

    1. Michael

      It depends on the agency. My agency determines the actual resident of the location and tries to make contact via phone before we do anything that requires entering the home. We still setup and secure the area in case it is a real call but we at least get our intel first. Luckily I have been working during most of the swattings we had and I recognize the MO and handle the follow up.

    2. Dan

      And just how do you recommend that they perform recon, when there is a potential life or death situation? I do not think you comprehend or understand that in a life of death situation reaction time is everything, and the faster you are the more likely there is to be less bloodshed. The slower you are the more likely there will be a lot of blood on your hands. Instead of cleaning up a small crime scene, the crime scene now entails an entire city block due to the suspects trying to flee crashing into homes and other cars.

  12. Mike

    Key-stone cops with deadly weapons doing whatever they are told and going where ever they are told….regardless of who or what is doing the telling.

    This is NOT a technological problem. It’s just made to ‘look’ like it is. This is a leadership (or lack there-of) problem. This leadership issue is responsible for creating a ‘communication’ problem that results in SWAT being used as toy soldiers for someone else’s use.

    It is interesting to consider that such a large portion comes in through AOL instant messenger. Where is the culpability within AOL?

  13. Roboticus

    I’m not sure making it illegal at the federal level will be much of a deterrent since most people who commit these crimes believe they won’t be caught. Many years ago when I was in high school we were getting bomb threats from students. Every time they would lead the perpetrator away in handcuffs before they even cleared the building. They emphasized that they charged them as adults, that their parents had to pay thousands in fines and first responder costs and still they continued. Eventually they told us that every bomb threat took a day away from our summer vacation and then there were no more.

  14. Eric

    WHY dont phone companies perform any kind of ‘reverse path’ check to prevent such spoofed calls? If they did a simple check that the source number being displayed actually comes from the network ingress where you would expect it to come from – then the majority of these spoofed calls would go away. No more swatting, no more anonymous robocalls from ‘Rachel at card services’, etc. Data networks have (or should have) anti-spoofing ACLs at all their ingress points, why not so for the POTS network, too?

Comments are closed.