A rash of “swatting” incidents recently occurred across the country.
Swatting is the practice of falsely reporting an emergency to elicit a law-enforcement SWAT (special weapons and tactics)-team” response. This week, a Cincinnati-area high school was placed on lockdown when a 911 call was made to report an active-shooter incident — it later was learned that several other Ohio high schools similarly were targeted.They’re not alone. In Minnesota, a dozen schools had to go on lockdown last week because of false reports of active-shooter incidents. In Colorado, several schools also were targeted last week in swatting incidents, as was the Denver Public Library.
In fact, the Washington Post reported that schools in 14 states have reported swatting incidents since September 13.
Swatting is nothing new. It is a harassment tactic that inconveniences public-safety organizations, including emergency communications centers (ECCs), while wasting emergency resources and placing emergency responders and the community at risk unnecessarily. Fortunately, no one was physically injured in any of the incidents that occurred over the last two weeks, though emotional trauma certainly was inflicted.
But every once in a while, they cost someone their life.
Last year in Tennessee a swatting incident occurred because the swatter wanted to harass someone into relinquishing a desired Twitter handle. A 911 call was made that falsely reported that a murder had occurred at the swatting victim’s home. When police officers arrived, the stress apparently caused the victim, a 60-year-old grandfather, to suffer a fatal heart attack.
A high-profile incident occurred in December 2017 in Wichita, Kansas. This time, a dispute between online gamers turned ugly. One group, reportedly seeking retribution for some perceived wrongdoing, contacted a known swatter in Los Angeles and convinced him to act on their behalf. The swatter placed a call, spoofing his telephone number, to an administrative line at city hall and a security guard transferred the call to 911. The caller told the 911 telecommunicator that he had shot his father in the head, was holding his mother and sister at gunpoint, had doused the house with gasoline, and was contemplating setting the building ablaze.
The telecommunicator dispatched a police response to the address provided by the caller. When police arrived, a 27-year-old man answered the door, and immediately was told to raise his hands and walk toward the officers. Regrettably, he lowered his hands to his waist, and an officer found the action threatening enough to fire a single shot at the man, killing him.
As if this event wasn’t tragic enough, the man had nothing to do with the online gaming dispute. In fact, he reportedly wasn’t a gamer at all—the swatter had provided the wrong address for the actual swatting target.
Given all of this, swatting should be on the radar screen of every public-safety agency — but it’s not. I suppose it’s because officials believe it’s not going to happen to them. And statistically speaking, they’re probably correct. According to the National Emergency Number Association (NENA), about 240 million emergency calls are received by the 911 system annually. Unfortunately, the Federal Bureau of Investigation (FBI) doesn’t track swatting specifically in its crime statistics. However, Kevin Kolbye, a former FBI swatting expert now the assistant chief of the Arlington (Texas) Police Department, estimated that the number of incidents in 2019 was about 1,000 — a number so small as to be statistically irrelevant.
This type of thinking is similar to the thought process that fuels the debate concerning the use of seat belts in automobiles. Inconceivably, a small number of people still refuse to wear them, even though it is required in all 50 states because they think they never will be in a life-threatening crash. And again, statistically speaking, they’re probably correct — it is estimated that only 1.34 traffic fatalities occur for every 100 million miles traveled.
But this thinking is wrong-headed — if you ever are in a moderate-to-severe car crash you’re going to want to be wearing a seat belt/shoulder harness and be driving an airbag-equipped vehicle because it has been shown that this combination of protective devices reduces fatalities in such crashes by 61 percent.
This type of thinking is just as wrong-headed as it pertains to swatting. One thing that immediately can be done is the Federal Communications Commission (FCC) to ensure that voice service providers have implemented the FCC’s STIR/SHAKEN caller ID authentication framework. The framework provides a methodology for reducing the effectiveness of illegal spoofing, thus making it easier to identify bad actors. The framework originally was developed to combat illegal robocalls, but also can be applied to the 911 system to root out swatting calls. Earlier this month, the FCC published a public notice seeking comments on the effectiveness of STIR/SHAKEN and we look forward to additional commission action on this topic.
Some communities have engaged with their residents and established anti-swatting registries, allowing individuals who fear being the target of a swatting incident to alert local law enforcement in advance and provide additional information that can be shared with responders if a swatting incident does occur. Other agencies, including the Los Angeles Police Department (LAPD), no longer publicly share information about celebrity-involved swatting incidents, to reduce the likelihood of copycat activity.
The 911 community can do more to prevent future tragedies when it comes to these attacks. Implementing swatting-specific policies, developing enhanced caller-interrogation training, and working with legislators to increase penalties for swatting convictions are examples of actions that can be taken. In the case of the Wichita incident referenced above, the perpetrator was sentenced to 20 years in prison. Meanwhile, the Ohio legislature is considering a bill that would make swatting a third-degree felony, and a first-degree felony if someone is injured. Under this new law, anyone convicted of swatting not only would face prison time but also the possibility of fines and restitution. We need more of this to deter future bad actors.
We would welcome the opportunity to help you develop a swatting-mitigation strategy — please reach out.
John Chiaramonte is president of MCP’s consulting division. Email him at John Chiaramonte@MissionCriticalPartners.com.