A number of the school threats are a variant of ‘swatting’ with the goal of heavy media attention
By Christine Armario
Associated Press
LOS ANGELES (AP) - On a spring day at Mount Elden Middle School in Flagstaff, Arizona, the phone rang and a receptionist answered. A computerized female voice was on the line with a disturbing message: "I can see children. I'm going to kill children!"
The school immediately went into lockdown. Police searched the building as teachers tried to keep nervous children calm in their classrooms. Worried parents flooded school phone lines.
In the end, nothing was found.
It was the fourth threatening call in a month at the 10,000-student school system. After an onerous cyber forensics investigation involving the FBI, detectives found their suspect: a 29-year-old New Yorker who authorities say used a Gmail account with a fake name to call in threats and score "points" in an online game.
"It is very difficult to understand," said Barbara Hickman, superintendent of the Flagstaff school system. "It was devastating to my elementary schools. It was frightening."
Security experts, law enforcement authorities and school officials say the episode was part of what appears to be an emerging trend around the nation: hoaxers using proxy servers, virtual private networks and other high-tech identity-disguising tools to anonymously threaten schools online and trigger a huge police response.
In December, Los Angeles, New York City and several other school systems received an email warning of a grisly attack. In late January, districts in Delaware, Virginia, Massachusetts, New Jersey and elsewhere received bomb threats phoned in using an electronic voice. No arrests have been made in those cases.
In almost every instance, the threats disrupted the lives of thousands of students. Schools were closed or locked down. Police and search dogs scoured buildings for intruders and bombs before concluding the threats were hoaxes.
"These are time-consuming and complex investigations," said Fred Ryan, police chief in Arlington, Massachusetts, whose department is investigating one of the robotic-voice threats received last month. "We're all comparing notes."
A number of school threats received over the past year are a variant of "swatting," a practice that began around 2007: A caller falsely reports a crime in progress at an address, causing police cars and SWAT teams to rush to the scene, weapons drawn. Victims of swatting have included celebrities such as Justin Bieber as well as online gamers targeted by rival players.
Increasingly, swatting-type attacks have focused on places such as schools. The goal is to get heavy media attention, said Jonathan Fairtlough of the security consulting firm Knoll. In many cases, the perpetrator has no direct connection to the schools threatened. At least three suspects arrested over the last year were gamers who met online.
Fairtlough described most swatting perpetrators as juveniles who are "highly intelligent, socially poorly adjusted."
Law enforcement authorities fear a swatting episode could turn tragic, with armed officers rushing in. What also troubles investigators: The same technology used by 14-year-old boys conspiring on Xbox could be appealing to terrorists who might be planning real attacks and want to test out how local authorities respond.
No statistics are kept at the federal level to show whether the number of school threats nationwide has increased, though individual school districts and police departments have reported more. The San Diego school system received 10 automated phone threats in a single day last September.
Though the hoaxes rarely lead to federal charges, the FBI increasingly is involved, in part because they often involve multiple districts across a wide region or someone making threats from out of state or another country. German authorities are assisting in the Los Angeles investigation.
The FBI and local police agencies have released little information about some of the recent cases. But court records in the small number of federal cases resulting in arrests shed some light on the perpetrators' possible motives and what law enforcement did to trace the threats.
Matthew Tollis, 23, of Wethersfield, Connecticut, pleaded guilty last year to conspiring with other Xbox Live players in making threats against five schools. In a letter to a judge, he described how he turned to a group of online friends for protection after being a victim of threats himself.
When those friends began calling in hoax threats, he felt obligated to participate, he said.
"As my relationship with these individuals grew, I felt greater loyalty towards them," he wrote. "I trusted them with some of my deepest secrets and told them things I had not even told my own family."
In Flagstaff, detectives traced two of the threatening calls to email accounts connected to an IP address assigned to a home on New York's Staten Island. An FBI agent and two Flagstaff detectives questioned Viktor Lisnyak at his home last July. According to court papers, he told them he was a gamer who connected with other players on his XBox.
Lisnyak's attorney said his client denies making the threats and may have been hacked.
"I know that these calls continue to happen even as we speak," Joseph Potashnik said. "They have continued after my client was arrested. And my client is not making these calls. So there is someone out there who is doing it."
Published: Tue, Feb 09, 2016