[ISN] SWAT team goes to wrong home in 911 scam

From: InfoSec News (alerts@private)
Date: Sun Dec 16 2007 - 22:14:01 PST


http://www.montereyherald.com/ci_7719737

By Julia Reynolds
Herald Staff Writer
12/14/2007

A Salinas family whose apartment was surrounded by more than a dozen 
heavily armed SWAT officers Wednesday night were victims of a high-tech, 
long-distance scam known as "swatting," police said.

Around 9:30 p.m., a caller to county 911 operators claimed to be a 
15-year-old boy living in North Salinas. He said three armed men with 
AK-47 assault weapons were trying to break into his apartment.

As officers rushed to the 2200 block of North Main Street, the desperate 
caller told operators he'd hidden in a closet because the intruders 
entered the dwelling and were looking for him.

Police Cmdr. Bob Eggers said at least 15 SWAT officers surrounded the 
apartments, along with several sheriff's deputies who arrived after 
hearing frantic dispatches on their radios.

"Virtually the whole city went out there," Eggers said. "If you think 
about it, three men armed with AK-47s? It paralyzed us."

Believing they still were in danger, police ushered the boy's mother and 
sister out of the apartment under armored protection.

It was then, police said, they learned they'd been scammed.

It turned out the 15-year-old boy in the apartment had been "chatting" 
on his computer with someone claiming to be a young man from Chicago. 
The person apparently used software or an Internet calling system to 
generate a phony call to Monterey County's 911 dispatchers, making them 
believe the call really came from the boy in Salinas.


Teen had no idea

Police said the Salinas youngster had no idea a SWAT team was heading 
toward his apartment until the boy's Internet acquaintance asked him 
through the computer if he "heard any sirens approaching."

Coincidentally, Eggers saw a television news program a few nights 
earlier about swatting, a new crime in which people disguise their 
caller ID to elicit a SWAT response for a false emergency, often from 
thousands of miles away. The callers are frequently young pranksters 
picking random victims, but in some cases, individuals have been 
targeted.

"I realized that this was exactly what occurred to us," Eggers said.

But the night didn't end there.

Less than an hour after the SWAT unit rushed to North Main Street, 
Eggers' phone rang. The caller said police hadn't responded to an 
earlier burglary report.

"I asked where did the burglary occur. He gives the address we'd just 
been to," Eggers said. The caller identified himself as the 15-year-old 
boy.

"I said 'That's funny, we just spoke to him.' And he hung up," he said.

The swatter likely used Voice over Internet Protocol with a disguised 
caller ID, police said. VoIP services allow users to make calls directly 
from a computer, converting the voice into a digital signal that travels 
over the Internet that is then changed to a regular telephone signal.

Even after Eggers spoke with the apparent swatter, calls reporting 
emergencies at the same address came in twice more that night and police 
say they had to keep sending out officers to be sure residents were 
safe.

"What they're not getting is it leaves our city vulnerable and puts 
people in harm's way," Eggers said. "It's an extremely dangerous 
situation. It's beyond juvenile."

In other cities, similar pranks have occurred that, like the one in 
Salinas, could easily have turned deadly.

An Orange County victim who thought he heard prowlers outside his house 
charged at SWAT officers with a knife in his hand, said news reports.

The officers, who carried assault rifles and were accompanied by dogs 
and a helicopter, handcuffed the man and his wife at gunpoint, while the 
couple's two toddlers slept inside. Police said they thought they were 
responding to a shooting with threats to shoot more victims.

For that incident, 19-year-old Randal T. Ellis of Washington was charged 
with hacking, assault with a machine gun by proxy, false imprisonment 
and falsely reporting a crime. Prosecutors say he faces up to 18 years 
in prison. Ellis is scheduled for a preliminary hearing in Orange County 
next week.

In a case being tried in a Texas federal court, four online chatters 
were charged with conspiring to swat more than 100 victims around the 
country. Stuart Resoff of Ohio pleaded guilty in that case and faces up 
to five years in prison and payments and fines of $250,000 when he is 
sentenced in March, U.S. attorneys said.


Disguising caller ID

To disguise their caller IDs known as "spoofing"  swatters have either 
hacked into others' phone systems or have used legal services such as 
Spoofcard, which allows subscribers to disguise their caller ID as any 
number they choose. The service even electronically changes the gender 
of callers' voices if they choose.

Now some legislators want to shut down such activities, and the U.S. 
Senate will soon debate S. 704, also known as the Truth in Caller ID Act 
of 2007.

Police, meanwhile, are relying on their own computer geniuses to try to 
beat spoofers and swatters at their game.

In the Orange County case, detectives were able to trace the crime to 
Ellis through computer forensics.

Salinas police are hoping to do the same with their own swatter. 
Officers said that after the SWAT operation Wednesday, the victim 
voluntarily gave up his computer to police for analysis by the 
department's computer forensic unit. Detectives are hoping they can find 
the swatter's IP address buried in the hard drive's files.

"Everything you do on them is traceable," Eggers said. "Hopefully our 
computer forensic folks are going to be able to find something valuable 
for us."

On Wednesday, before the long night was over for emergency responders, 
Eggers said the swatter struck a final time.

That call wasn't placed to 911 operators or police. It was to a local 
restaurant, ordering $127 worth of pizza that was delivered to the boy's 
apartment.

Eggers said the family sent it back.


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/



This archive was generated by hypermail 2.1.3 : Sun Dec 16 2007 - 22:20:39 PST