Adding a “Dimension” to Swatting
Posted on April 27th, 2023
Imagine you are a hobbyist 3D printer who has not considered the cybersecurity concerns of your connected additive devices. You are out grocery shopping and come home to flashing lights and dozens of police officers. You see them carry an evidence bag with a small 3D printed object in it that you have never seen before. You just became victim to a crime known as swatting but now with compromised additive machines you are giving the person executing the swat a physical presence in your home. This allowed the attacker to download an object into your home. The object in an evidence bag we mentioned earlier is an auto SEAR device to transform a semi-auto into a full auto firearm.
“Having an auto sear without the proper federal license, which requires an extensive background check and costly fees, can carry a 10-year federal prison sentence.” (The Trace)
It is unfortunate that this class of crime has seen a huge increase over recent years:
“Putting a figure on swatting cases is difficult because swatting is not classified as a specific category in the crime statistics database of the Federal Bureau of Investigation (FBI). However, a former FBI special agent has revealed that swatting cases more than doubled from 400 in 2011 to over 1,000 in 2019.” (Fortinet)
As more home based manufacturing machines become networked, the risk of allowing a malicious outsider to send a physical object that only takes a matter of minutes to print but could make a victim spend a decade in jail is incredibly concerning. This is a situation in which a defendant will not have the needed information to prove their innocence. At best the victim is now fighting a costly uphill battle and at worst will be found guilty of a felony due to the remote actions of an unknown attacker, potentially even a foreign attacker. Swatting operations are frequently run as for-hire services from abroad.
What seems like a niche concern in operational technology could precipitate a life altering nightmare for the victim. The ease of enacting this twist to the crime of swatting to potential impact on target combined with the difficulty in identifying or prosecuting those involved makes this scenario a very real concern. Having visibility into your AM processes can help bring clarity to swatting incidents.
If you are interested in learning more about securing AM or a demonstration of the BISON capability, please contact us at firstname.lastname@example.org