Swatting, the practice of falsely reporting an emergency to elicit a response from a police department’s special weapons and tactics (SWAT) team, is not a new phenomenon for the 911 community.
What is new is that a death has occurred as a result of a swatting incident.
On December 28, 2017, a dispute between online gamers turned ugly. Media reports say that one group, seeking retribution for some perceived wrongdoing, contacted a known swatter in Los Angeles and convinced him to act on their behalf. The swatter placed a call, spoofing his telephone number, to an administrative line at city hall in Wichita, Kansas, and a security guard transferred the call to 911. The caller told the 911 telecommunicator that he had shot his father in the head, was holding his mother and sister at gunpoint, had doused the house with gasoline, and was contemplating setting the building ablaze.
The telecommunicator dispatched a police response to the address provided by the caller. When police arrived, a 27-year-old man answered the door, and immediately was told to raise his hands and walk toward the officers. Regrettably, he lowered his hands to his waist, and an officer found the action threatening enough to fire a single shot at the man, killing him.
When one stops to mull this for a moment, especially considering the type of response that is dispatched to such incidents, it seems amazing that a swatting death has not happened before.
As if this event wasn’t tragic enough, the man had nothing to do with the online gaming dispute. In fact, he reportedly wasn’t a gamer at all—the swatter had provided a wrong address for the actual swatting target.
More pressure on an already overburdened group
Swatting puts 911 telecommunicators in a horrible position. As pointed out nearly five years ago by Alan Tilles, chair of the telecommunications practice at Shulman, Rogers, Pordy, Gandal & Ecker, in an article in Urgent Communications, “When you have to figure out which calls are real and which calls are not, that’s a tremendous additional burden on dispatchers who already are heavily overburdened.”
So, it is obvious that something must be done about swatting, particularly because the frequency of such incidents seems to be growing. A place to start would be for Congress to enact the anti-swatting legislation proposed by Rep. Katherine Clark (D-Mass.). The “Online Safety Modernization Act” calls for a prison sentence up to 20 years if bodily injury occurs during a swatting incident, and life imprisonment if a death occurs. Clark introduced the bill in June 2016, a few months after being swatted herself—an anonymous caller claimed that an active-shooter incident was in progress at her home.
The online gaming community is driven by social media, so it is reasonable to think that news of this law’s enactment would spread quickly and would serve as a deterrent on some level. The problem is that the law is reactive, merely punishing swatters if they are caught—it does nothing to proactively prevent swatting from occurring.
PSAP Preparation is key
Unfortunately, eliminating all swatting incidents from occurring seems highly unlikely. So, the next-best tactic would be for public safety answering point (PSAP) officials to better prepare their telecommunicators for when such incidents occur. Few, if any, PSAPs have swatting-specific operational policies or training in place, mostly because of the rarity of these types of incidents. Nevertheless, the 911 call recording in last month’s swatting incident reveals a few red flags. For instance, the caller was vague and evasive in answering the telecommunicator’s questions when being probed for details. In providing the address of the alleged incident, he also provided the ZIP code. Finally, he asked the telecommunicator several times whether she was sure that she had the address.
To be clear: our nation’s 911 telecommunicators need to make numerous split-second decisions—and it is always prudent to err on the side of caution by dispatching what is believed to be the appropriate emergency response. But it is reasonable to think that, with advanced training in call-interrogation procedures and perhaps negotiation tactics, future swatting attempts could be identified quickly and foiled before someone is injured, or worse.
Education is key and PSAP authorities should review the resources currently available. The National 911 Program held a webinar a few years ago on swatting and in cooperation with the National Emergency Number Association (NENA), published a public safety resource for 911.
So far, swatters have used social-engineering tactics to ply their craft, and there have been no reported swatting incidents perpetrated by breaching a 911 system. That’s not to say it cannot happen, according to Mark Fletcher, Avaya’s chief architect—worldwide public safety solutions, who discussed the possibility in a podcast posted last week.
“There has not been one (incident) that I found where someone has actually penetrated the 911 network,” Fletcher said. “(But) I could do it, I know how to do it. It takes a little technology, a lot of know-how, it takes a little bit of social engineering—but I could do it right now, in 30 seconds.”
Luckily, “Fletch” is one of the good guys, but the industry must take action now to shore up known vulnerabilities in today’s legacy 911 system and implement technological and operational safeguards in Next Generation 911 (NG911). Unfortunately, this is just one more thing that every PSAP official has on their “things that keep me up at night” list.