Emerging Threats in Mobile Field Force

Hackivists want to catch you slipping, and then make you pay--don't take the bait!

By Elijah Woodward  |   Aug 6, 2015

If you haven’t noticed yet, now might be a good time to point out some recurring attacks on law enforcement that have coincided during protests. This has been going on for the last year and is now becoming so commonplace, we should just expect it.

August 9, 2015: Officer Darren Wilson shoots Michael Brown in Ferguson, Mo. In the following days and weeks, protestors took to the streets, and online activists took to the wires. During that same time period, various online actors posted Darren Wilson’s “d0x” (aka, his full documents) online, including credit card numbers, social security number, home address, etc. The same was done to various other members of the Ferguson Police Department, and numerous online attacks were carried out against other portions of law enforcement in the state of Missouri.

Ray Albers During one protest, a police lieutenant named Ray Albers was caught on video telling an activist to “Go fuck yourself.” They also promptly posted his personal information including personal email info, and parents’ info (including addresses and dates of birth).

Remember back to December, 2014, when numerous protests were taking place in Berkley, Calif. During one of these protests, a particular officer, Scott Salas, was named and accused of shoving a protestor. A video was posted on the following evening with this officer’s name and badge number, and shortly after that a website with his “d0x” was posted.

More recently, on June 6, 2015, the world saw the Eric Casebolt incident video in McKinney, Texas. The quick review is this: Sgt. Casebolt responded to a pool party (after dealing with an ugly suicide and another suicidalMcKinney subject call) and he may not have been emotionally 100%. He is seen on video throwing a 15-year-old girl to the ground. Almost immediately, his personal information begins to appear on various websites (including at least one white-supremacist website). Again, he was “d0xed” as a result of police work. He resigned a few days later.

The Sandra Bland incident has been no different. A hacker group has posted the d0x of Trooper Brian Encinas (including the VIN numbers of license plates of his personally owned vehicles) along with the d0xes of most of the sheriff’s department.

In addition to the personal attacks affecting officers, cities and departments are also being attacked with a denial of service attack to knock them offline. These attacks have been very closely correlated to when protesters are marching in the streets. During protests when websites are getting taken offline, you can follow this live on twitter by searching for the hashtag #tangodown.

Are you seeing a pattern yet??

There is information warfare going on against us—and it’s not going away any time soon! If anything, it’s going so well it’s just going to get bigger.

Furthermore, this Saturday there will be numerous protests nationwide. Undoubtedly these will include demonstrators who are more than happy to record any officers who might “lose their cool” for even a second and turn that in to a narrative of brutal police thugs. Below is a list of the upcoming protests for this weekend, August 8.
protest list
Is your city on there? If so, here’s some things to keep in mind:

  1. These folks are actively looking for officers to have confrontations with. They are only too happy to record it, post it online, and proceed to ruin your identity and credit by posting your d0x (not to mention the physical safety risks). Do not fall for this trap! This weekend, we go to work with our heads on straight. We keep our cool.
  2. They are more than happy to d0x entire departments using publicly available info. In April, 2014, there was a document posted that claims to be a “zero day vulnerability you can use against law enforcement” and proceeds to explain how to find all members of a department using publicly available info (mainly, transparency data and salary information). From there they explain different methods of tracking down officers based on that info.
  3. Keep in mind, they are also only too happy to FOIA your department after the fact and find out what you’re saying about them. Keep this in mind with your communications—make every email as if it’s on the front page of the New York Times (I know we get told this anyway, but given how some departments have been embarrassed lately, it needs repeating).

Also, don’t forget this Sunday, August 9th, marks the one-year anniversary of the Ferguson, Mo., shooting of Michael Brown. Be careful this weekend. Understand stress and how it affects you, and have a plan in place to deal with that stress.its a trap

Bottom line: Don’t take the bait! The consequences might last a lifetime and impact an entire profession.

The following two tabs change content below.
Elijah Woodward
Elijah Woodward is the owner of SavageCyberSpace.com, a security consulting company focusing on information and cyber security as well as physical security. He has 10 years of law enforcement experience working in patrol, motors, and community resources. He is a member of the FBI’s InfraGard program, and the High Technology Crime Investigator’s Association. Elijah believes that law enforcement is in a prime position to address the issues of cyber crime and fraud, and it will be cops at the local level who will have the greatest impact on these new crimes as they continue to plague our communities. Reach him at [email protected]