Daily Bulletin


The Conversation

  • Written by The Conversation
imageWhen the SWAT team bursts into your bedroom, it's not only unpleasant but potentially deadly.Jason Eppink/Flickr, CC BY

Imagine this: there’s a knock at your door. “Pizza delivery!” It’s the fifth time in the last hour that you’ve had to say to a delivery-person: “No, I really didn’t order anything.” That’s irritating.

Half an hour later, there’s another noise at the door. This time it’s forced open as your house is stormed by the heavily armed and aggressive special response unit of your local police force. They’re responding to a tip off that warned them of a hostage situation at your address. That’s not just irritating. That’s dangerous.

Why is all this happening? Turns out, you’ve come to the attention of a cluster of mischeif-makers and misanthropes in one of the internet’s dank corners.

You’ve been “doxxed”. Your private information has been posted, perhaps by an anonymous imageboard user, who’s implored others to “do with it as you will”.

This might sound far-fetched, but these sorts of internet-enabled attacks have become more frequent in recent years. In fact, the Federal Bureau of Investigation has been cautioning citizens about “swatting” (see below) since 2008.

It has become common to see articles about how these attacks have affected politicians (both Republican and Democrat in the US), celebrities, journalists, businesses, video game streamers and public servants.

What is doxxing?

Doxxing – named for “documents” or “docs” – is the act of release of someone’s personal and/or identifiable information without their consent. This can include things like their full legal name, social security numbers, home or work addresses and contact information.

There’s no set format for a “dox”; the doxxer simply publishes whatever information they’ve managed to turn up in their searches. Sometimes this even includes the names and details of their target’s family or close friends.

As a tactic of harassment, doxxing serves two purposes: it intimidates the people targeted by invading and disrupting their expectations of privacy; and it provides an avenue for the perpetuation of that person’s harassment by distributing information as a resource for future harassers to use.

Technology and security expert Bruce Schneier argues that 2015 will see even more doxxings, as “everyone from political activists to hackers to government leaders has now learned how effective this attack is”.

What is swatting?

Swatting – named for the US police Special Weapons And Tactics (SWAT) teams – is the act of making a false report to the police with the intention of having a heavily armed response team sent to the target’s home.

This is made even more problematic by the militarisation that local US police forces have undergone in the last decade through initiatives like the Department of Defense’s 1033 program, which allows the pentagon to provide military grade weapons and equipment to local police forces on a free, permanent loan.

Technology journalist Sarah Jeong describes this as “assault by proxy”, as the police can cause serious injury to the targets of these swatting attacks.

Swatting can have terrible consequences on those targeted and their families.

How do these attacks happen?

Unfortunately, the technical barrier to doxxing or swatting a person is low. A doxxer can acquire information on their target through a variety of legitimate public sources. Or, more nefariously, through social engineering techniques.

Swatting often just requires the name, phone number and address of the intended target. Swatters often use cheap or freely available anonymising technology to disguise their identity, or to “spoof” the phone number of their target, when making their false report — a move that makes their crime difficult to police.

These attempts also prey on the good faith basis with which emergency responders treat their callers, and as a result valuable police time and resources are diverted away when they may be needed elsewhere.

How can you protect yourself?

If you find yourself at the receiving and of these forms of intimidation and abuse, you’ve likely done nothing wrong. People are doxxed and swatted for all sorts of imagined wrongs, as banal as having an opinion on the internet or playing video games.

Unfortunately, the prevalence of doxxing and swatting is, in part, born of a perfect storm in personal data insecurity and easily-abused systems for reporting crime. There are no perfect solutions for avoiding being doxxed or swatted except making yourself a more difficult target by adopting strong information security practices.

While the simplest solution for online security is not having online data, this is impractical in the digital age because major parts of our social and professional lives are intermediated through web services. That said, there are a few precautions you can take to increase the security of your data online.

Google yourself

One of the first steps in securing your personal details is discovering to what extent they’re already out-there and publicly available. If you find old accounts or websites you no longer want, sites like justdelete.me can provide information about having your account deleted from certain websites.

Don’t re-use passwords for multiple services

This can be difficult, as a new password for every service you use will be taxing to even the best of memories. The best, most complex passwords will be challenging to guess or to brute-force, but also difficult to remember.

Here’s where technology can make life easier; a password manager app, like LastPass, KeePass or 1Password can help you set unique, complex passwords for each service you use, and let you secure them behind a single, more memorable password.

Though password managers come with their own risks, I’d argue that the benefits of using complex passwords can outweigh these.

Turn on two-factor authentication

Two-factor authentication requires that people trying to access your account have access to a password as well as a “trusted device” – typically your mobile phone – in order to receive an authentication code before gaining access to your account. The Two Factor Auth website lists popular web services and their support (or lack of support) for two factor authentication.

You can find more information in advice from people who’ve experienced these attacks, and at websites like Crash Override Network, a support network for the targets of online abuse that provides some excellent guides on online security, and how to cope with doxxing and swatting attacks.

Andrew Quodling does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

Authors: The Conversation

Read more http://theconversation.com/doxxing-swatting-and-the-new-trends-in-online-harassment-40234

Writers Wanted

As Trump exits the White House, he leaves Trumpism behind in Australia

arrow_forward

Biden’s Senate majority doesn't just super-charge US climate action, it blazes a trail for Australia

arrow_forward

Disaster season is here — do you have a Resilience Action Plan? Here's how the small town of Tarnagulla built theirs

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Prime Minister's Remarks to Joint Party Room

PRIME MINISTER: Well, it is great to be back in the party room, the joint party room. It’s great to have everybody back here. It’s great to officially welcome Garth who joins us. Welcome, Garth...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Business News

7 foolproof tips for bidding successfully at a property auction

Auctions can be beneficial for prospective buyers, as they are transparent and fair. If you reach the limit you are willing to pay, you can simply walk away. Another benefit of an auction is tha...

Dominique Grubisa - avatar Dominique Grubisa

Getting Ready to Code? These Popular and Easy Programming Languages Can Get You Started

According to HOLP (History Encyclopedia of Programing Languages), there are more than 8,000 programming languages, some dating as far back as the 18th century. Although there might be as many pr...

News Co - avatar News Co

Avoid These Mistakes When Changing up Your Executive Career

Switching up industries is a valid move at any stage in your career, even if you’re an executive. Doing so at this stage can be a lot more intimidating, however, and it can be quite difficult know...

News Co - avatar News Co



News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion