Cybercriminals, no longer satisfied with merely exposing stolen data on dark websites to compel ransomware victims to comply, are increasing the pressure by using a new technique called "swatting".

Swatting involves making a hoax call to emergency services, typically reporting a serious but fabricated incident, to draw a large police response to a victim's address. This dangerous and disruptive practice has evolved into a tool for cybercriminals seeking a ransom from individuals and businesses, threatening them with swatting if their demands are not met.

Recent swatting threats have been used against hospitals and healthcare organizations whose patient data has been stolen. Pressure on these victims to pay the ransom to avoid the disruption from a large and aggressive police response is intense.

Law enforcement agencies are struggling to cope with this trend due to the inherent challenges in tracing such calls and the serious nature of the threats, which often require an immediate response. This form of cyber extortion highlights the evolving landscape of online threats, where perpetrators exploit fear and the potential for real-world harm to extract payments from their victims. Jim Love "Swatting – the new ransomware threat" itworldcanada.com (Jan. 08, 2024)

Commentary

Swatting carries severe legal consequences. In the United States, swatting is defined as the intentional act of luring police and other emergency professionals to a location under false pretenses by making a fraudulent emergency call to create a dramatic situation.

It is considered both a federal and state criminal offense, and it may constitute either a felony or misdemeanor, which may result in severe penalties, such as years or even life imprisonment. The Interstate Swatting Hoax Act further emphasizes the seriousness of this crime.

Over the past years, this malicious act has trended upwards, with swatting cases rising from about 400 instances in 2011 to more than 1,000 in 2019. However, the actual number of incidents is likely higher due to the FBI not tracking swatting as a unique crime, and many police departments not distinguishing it from other false reports.

A multi-pronged approach is needed to counteract the escalating threat of swatting, such as enhancing technology, supporting legislative initiatives, establishing clear emergency response protocols, and educating personnel to identify hoax calls.

Although the victim of a cybercriminal can do little to prevent a determined criminal from initiating a swatting attack, perhaps the best way to avoid being a potential victim is to prevent a successful cyberattack in the first instance.

Training, education, and knowledge of an attacker's various techniques are the cornerstones of a solid network defense strategy. Defensive software and hardware all have a role to play as well.