Researcher hit by hoax that brought a SWAT team to his door
Technology website Ars Technica and security reporter Brian Krebs have been targeted by cyber criminals.
Krebs had his blog knocked offline by a distributed denial of service (DDoS) attack, after his DDoS protection provider Prolexic received a letter claiming to be from the FBI. The letter asked for KrebsOnSecurity.com to be shut down for hosting illegal content and profiting from cyber criminal activity.
Later on Thursday, he was the victim of what is known as a SWATing attack. The hackers spoofed Krebs’ telephone line, called the local police, claiming to be the security blogger and alleging Russian criminals had broken into his home and killed his wife.
The police attempted to call Krebs, but he ignored the calls as he prepared for a dinner party. A SWAT team then descended on his house, apprehended Krebs, until it became clear what had happened. He had previously warned law enforcement he may be a target for a SWATing hoax- this form of attack is believed to be spreading across the US.
When Ars Technica wrote up Krebs’ story, the site was hit by a DDoS attack. Krebs believes someone paid for DDoS strikes on his and Ars’ websites via the booter.tw forum. The customer database of the website was accessible to all, as long as they knew the right address, Krebs noted on his blog.
Eric Bangeman, Ars Technica’s managing editor, revealed his site’s content management system could not be accessed for two hours.
Krebs is concerned about the potential dangers of SWATing, calling on US government to legislate on the issue.
“The local police departments of the United States are ill-equipped to do much to stop these sorts of attacks,” he wrote.
“I would like to see federal recognition of a task force or some kind of concerted response to these potentially deadly pranks. Hopefully, authorities can drive the message home that perpetrating these hoaxes on another will bring severe penalties.”
Are you a security expert? Try our quiz!