Man Hacks 911 System, Sends SWAT on Bogus Raid 754
An anonymous reader writes "The Orange County Register reports that a 19 year old from Washington state broke into the Orange County California 911 emergency system. He randomly selected the name and address of a Lake Forest, California couple and electronically transferred false information into the 911 system. The Orange County California Sheriff's Department's Special Weapons and Tactics Team was immediately sent to the home of a couple with two sleeping toddlers. The SWAT team handcuffed the husband and wife before deciding it was a prank. Says the article, 'Other law enforcement agencies have seen similar breaches into their 911 systems as part of a trend picked up by computer hackers in the nation called "SWATting"'"
Re:So what state is the crime? (Score:2, Informative)
Re:Scary that a computer report alone... (Score:2, Informative)
Alternately, you could say we live in a time where the government is the most effective terrorist.
Re:Forged CID (Score:5, Informative)
Okay, having rtfa (Score:5, Informative)
They handcuffed the homeowner because he went out in his skivvies with a kitchen knife because he thought he heard people on the lawn. I guess he saved his door getting kicked in, but I'm not sure he sees it as a good thing.
Re:One really stupid hack (Score:5, Informative)
Yeah. I get pretty embarrassed watching goth kids have sex too.
Stupid Kid. Lucky Kid. (Score:3, Informative)
He did try to defend himself (Score:4, Informative)
Re:So what state is the crime? (Score:3, Informative)
Its almost certainly a felony in any case. Crossing state lines makes it more likely to also be a federal crime; but the two categories are orthogonal.
Would not have been murder (Score:3, Informative)
Re:Good grief (Score:3, Informative)
SWAT are paramilitary - just like soldiers in Iraq, they're generally much more primed to 'shoot first and ask questions later'. This, while acceptable in high risk situations like clearing buildings with terrorists in them, hostage situations, and active shooter cases, you don't want them running around in active mode in normal areas/situations.
SWAT has been known to kill people [cato.org] when stuff like this happens.
More details on how he did this... (Score:5, Informative)
Re:How does this keep happening? (Score:3, Informative)
That's also not counting on social engineering or internal leaks. If your minimum wage secretary decides that this must be the new sysadmin who doesn't know where the server room is yet and they must not have their card follow me please I'll put in the security code for you and now leave you alone in the room, then we've got problems. Or claim they're servicing the copy machine, or repairing a workstation, or they know a guy. That's not even taking into account the authorized users who don't use it correctly (ie copy it to the laptop, leave it unencrypted, and then has their laptop stolen).
Any interface with the outside world is an attack vector, including humans.
Re:Stupid & dangerous (Score:4, Informative)
Re:Good grief (Score:5, Informative)
Dominos can find the right house, you'd think the cops could. Then again, when it's not right the pizza guy isn't going to be kicking in the door holding a gun.
Re:Stupid & dangerous (Score:3, Informative)
So he needs better weapons...
If you can't kill all members of a SWAT team invading your property, then you need to rethink your strategy for defending yourself
Re:Good grief (Score:5, Informative)
Personally, I'm more afraid of the police than those they're supposed to protect me against.
Re:Okay, having rtfa (Score:5, Informative)
Looks like he picked the family at random (from his earlier entry into AOL's systems), then called them to verify their name and address. It seems to me that he tried to come up with a scenario that would generate the maximum possible response from the police, which is about what he got. If the homeowner was carrying a gun instead of a knife, he'd most likely be dead now. That was probably the high score that Ellis wanted to hit.
We'll see if anyone ever leaks how he did it. Could have been as simple as a compromised VOIP switch sending bogus ANI data down a trunk. Or maybe he entered a record directly into the dispatch system (which isn't supposed to be connected to the net).
At least he wasn't smart enough to fully cover his tracks.
Re:Good grief (Score:5, Informative)
It's not so much the act of informing them, but rather the act of breaking into the system in the first place.
Picture this: you come home from a days work. There's this teenager sitting at your dinner table waiting, and when you come in he says "Dude, did you know your lock is really easy to pick? Change it. I promise I didn't take anything. Later!".
I know one kid who is taking a quick trip to jail for breaking into my house . . .
Re:Good grief (Score:2, Informative)
Here in the UK there was a case of an innocent carrying a table leg in a carrier bag being shot dead by a SWAT team after someone thought it was a gun and dialled 999. The innocent turned when shouted, because he wasn't doing anything wrong (and didn't know what the hell was going on) and got shot by an officer believing his life was in danger. 'Drop the weapon' shouts are rather meaningless to someone not carrying a weapon.
Then there's the fact officers may fear other peoples lives are in danger from the off, two words, suicide bomber.
Take the Brazilian shot dead in the UK after the London bombing, intel mistakenly said he was a terrorist, the officers on the ground worked on that assumption and swung into a different more lethal gear, a gear where warning the suspect doesn't apply and shoot-to-kill is the order of the day.
You can't order a SWAT team to kill someone, but by sending them to a location you are dramatically increasing the chances that there could be a lethal outcome.
I'm pleased they are apparently throwing the book at this cnut.
Re:Good grief (Score:5, Informative)
The officer involved, a 17-year veteran with long tactical experience, pulled up in a car behind the undercover officer's. "As the officer came out," Horan said, "he was bringing his weapon up. In the course of bringing his weapon up, it discharged. He has no real explanation how."
The officer's name was not released.
Horan said the officer shouted "Police!" at Culosi. "Right after 'Police!'" Horan said, "it went pow."
Culosi was killed almost instantly.
Horan said the bullet entered Culosi's left side, traveled through his body and was recovered on his right side. Horan said the officer was aware that he should not have had a finger on the trigger and that he should not have had his
Cheryl Noel feared criminal intruders had broken into her home and grabbed a lawfully registered gun and held it pointed at the floor, the suit states.
Artson kicked in her bedroom door with his boot and, without identifying himself or telling Noel to drop her weapon, shot her three times, including once after she already had slumped to the floor [examiner.com]
Re:Good grief (Score:2, Informative)
You said he wasn't responsible. You implied that you believed his motivations were honorable. THAT is being fucking stupid.
Of course locking him up won't fix the problem, it doesn't mean he's not a criminal. The only more serious consequence would be for innocent people to die. That was a real possibility in THIS situation. The fact that it didn't happen is due only to the competence of the officers involved.
Re:Good grief (Score:1, Informative)
Innocent people who have died due to SWAT raids in recent years:
http://www.cato.org/raidmap/index.php?type=1 [cato.org]
For example:
March 24, 1992--WA
In March 1992, police in Everett, Washington storm the home of Robin Pratt on a no-knock warrant. They are looking for her husband, who would later be released when the allegations in the warrant turned out to be false.
Though police had a key to the apartment, they instead choose to throw a 50-pound battering ram through the apartment's sliding-glass door. Glass shards land inches away from the couple's six-year-old daughter and five-year-old niece. One officer encounters Robin Pratt on the way to her bedroom. Hearing other SWAT team members yell "Get down!" Pratt falls to her knees. She then raises her head briefly to say, "Please don't hurt my children." At that point, Deputy Anthony Aston fires his weapon, putting a bullet in her neck, killing her.
Officers next entered the bedroom, where Dep. Aston then put the tip of his MP-5 assault submachine gun against Larry Pratt's head. When Pratt asked if he could move, another officer said that if he did, he'd have his head blown off.
Though a subsequent investigation by a civilian inquest jury found the shooting "unjustified," the officer who shot and killed Pratt was never charged.
***
February 17, 1988--WA
In February 1988, police in Seattle, Washington conduct a late-night drug raid on the home of 41-year old Erdman Bascomb after an informant tells them there's cocaine inside.
Police knock on Bascomb's door, wait just a few seconds, then force the door open with a battering ram. Officer Bob Lisoski confronts Bascomb in the darkened apartment, mistakenly believes Bascomb to be holding a gun, and shoots him dead. Bascomb was holding only the remote control for his television.
Police found no drugs or weapons in Bascomb's home. In 1995, a federal jury found no wrongdoing on the part of Seattle police, and awarded Bascomb's family no damages.
Police Chief Patrick Fitzsimons, who had retired by the time the case made it to trial, told the Seattle Post-Intelligencer that "Police work requires a lot of high-risk situations and split-second decisions. Our officers are well-trained and exercise their best judgment. On a rare occasion, something tragic happens. But there is an awful lot of tragedy in the crack cocaine world."
Re:Okay, having rtfa (Score:3, Informative)
If you are a CLEC (local telephone company) or are reselling phone service and using a phone switch, you get access to make the entries. This is quite common amongst big companies with big phone systems or small ISPs expanding dial up locations.
Then when you provision the lines, you put the entries in. It's just data in a switch, just like a router has routes and a firewall has rules. It is subject to the same "model X has this buffer over run" and "model Y has this default password" stuff that other devices have.
And when it's being set up, you dial through it, and politely ask 911 operators to verify the address that came up on their screen was the one you wanted and the number matches, etc.
It's not some big WOPR mainframe in a tunnel somewhere run by the best and brightest local authorities, it's a patchwork of stuff thrown together by phone techs who for the most part are careful, and for the most part are authorized to do what they are doing.
Yeah, not many high school "hackers" think of it as a target right off the bat when they feel destructive, but getting in or getting lucky trying random stuff with them is not hard at all. Half the battle is just knowing such things exist.
Re:Stupid & dangerous (Score:3, Informative)
No, the fact remains that in most US states, you have the right to use deadly force to defend yourself.
In any case, this amounts to an irrelevant distinction, because you missed my entire point. In the situation I described, even if the homeowner did manage to take out a few of his attackers, he would most certainly still lose (and the press would call it "suicide by cop"). Seems a bit of a harsh outcome for doing nothing wrong, but I guess we pay that price for the 'safety" of having a class of armed citizens permitted to break down your door and drag you out of bed without announcing themselves (but hey, the USSC approved no-knock, so we'll call half a dozen corpses cool, right?).
If there's a mentally retarded man in your living room and you shoot him
Careful, don't get that strawman too close to any open flames...
I grew up in a place (in the US) where quite a few people distrusted the government (and the majority did not count as paranoid whackjobs, though I won't deny we had our share of those). The condition I described most certainly applied - And many private citizens had a better home armory than the police. I only meant to point out that, if the same thing happened to one of those people, they wouldn't care about the police/criminal distinction, they would simply think the government had finally gone all the way bad, and defend their home with deadly force.
he forged ANI, not caller-ID (Score:3, Informative)
From http://www.tech-faq.com/ani-automatic-number-identification.shtml [tech-faq.com]
ANI (Automatic Number Identification) is a system utilized by telephone companies to identify the DN (Directory Number) of a calling subscriber.
ANI serves a function similar to Caller-ID, but utilizes different underlying technology. In addition, although Caller-ID can be blocked by prefixing a call with *67, ANI is (usually) impossible to block.
ANI was originally developed for telephone company billing purposes. ANI technology is also now offered to commercial customers who may benefit from knowing who is calling them. In addition, ANI is one of the core technologies behind the 911 emergency service.
ANI data is usually transmitted in-band using multi-frequency (MF) signaling. However, ANI data can also be transmitted separately if you have an ISDN PRI.
Re:Good grief (Score:3, Informative)
That word doesn't mean what you think it means. "Homicide" simply means one person dying at the hands of another. No value judgement is involved. "Murder" is a sub-set of "homicide," but that's not the ME's call to make.