Brian Krebs is a phenomenal online security reporter who's been deeply involved in many stories concerning underground hacking issues, from spam to credit carding and many other such issues. As someone who explores that world, he's been subject to various attacks, including regular DDoS attacks on his website (he now works with a company that helps protect against such attacks). However, things got taken to another level yesterday. First, that anti-DDoS company, Prolexic, received a forged letter, pretending to come from the FBI, asking it to stop hosting the site. Then, something much bigger happened. As Krebs was getting ready for a small dinner party at his house, he walked out his front door and discovered a bunch of police officers with guns pointed at him
. He'd been "swatted," -- the term for tricking a SWAT team into raiding a house based on bogus info.
"As soon as I open the front door, I hear this guy yelling at me, behind a squad car, pointing a pistol at me saying: 'Don't move. Put your hands up,'" Krebs, who is a long-time friend and colleague, told me. "The first thing I said was: 'You've got to be kidding me.'"
In all, there were at least a dozen officers with pistols, shotguns, and assault rifles pointed at him. They had police dogs circling his house and cruisers had sealed off a nearby street. Krebs, who was dressed in just gym shorts and a T-shirt, complied. Wisely.
"Two different guys were barking orders at me," he continued. "I finally said: 'Which way should I go?'" One officer told Krebs to lie on the ground, but before he could comply the other cop ordered Krebs to walk backwards. Eventually, "they put the cuffs on me and took me up the street. I was freezing the whole time."
Someone had made a call to the police, pretending to be Krebs, and claiming that "he was hiding in a closet after Russian thieves had broken into his home and shot his wife." And the police sent the SWAT team.
Why? Krebs suspects it was a response to a an article he had just posted
, which highlighted a Russian website that was used to get easy and cheap access to credit reports (one interesting tidbit, is that he suggests that people are abusing the federally mandated free AnnualCreditReport.com site, which was supposed to reduce identify fraud, but may actually be enabling much more of it). Krebs figures that the people behind that site weren't too happy about the exposure, and tried to send him a message.
Of course, if law enforcement officials weren't so eager to rush in with a SWAT team, such issues might have been avoided as well. In fact, Krebs notes that he warned his local police agency of the possibility of such a thing happening about six months ago, but apparently no one bothered to check on that bit of info until later.
After about five minutes in custody, Krebs explained that he was the victim of a monstrous crime known as swatting. One of the officers asked if Krebs was the person who had filed a report a few months earlier. When Krebs replied yes, the officers did a quick search of his home. With preparations for a dinner party clearly on display, it quickly became apparent that Krebs' home was not a crime scene and that the call was part of a fiendish plot. An officer told him later that they had tried calling him before he opened his front door but no one had answered the phone.
As Krebs notes, these are situations where it makes little sense for local law enforcement to rush into these things where they may not understand what's going on.
Often local police are left to investigate, even when the perpetrators may be half a world away. He wants that to change. "Your local police department, the ones that are responding to these distress calls, they don't have the bandwidth," he said. "This is an area where federal law enforcement needs to be coordinating investigations. I'd like to see some sort of recognition or statement from federal law enforcement that this is something they're actively investigating."
Of course, I'm not sure how well that would have worked in this case, since the caller suggested it was a local crime issue. Still, hopefully Krebs' situation raises some questions about the eagerness to send in the SWAT team, though given just how common bogus SWAT team raids have become
, it seems doubtful that yet another example of a bogus raid will lead to any real change.