[patcheudor]

Which gets me to an interesting theory of how the cyber security field really resembles an ecosystem not unlike what is found in nature. For the most part, a lot of what we call the bad guys are just dumb people who get caught, as you said because they likely can't help themselves from bragging about it. They pulled of a "goof" and think it's funny, many times likely not even considering the criminal nature of the act. All of these people who pull of these exploits (swatting is just an exploit that involves the unauthorized use of law enforcement instead of a kernel) and do so in a rather large and obvious way illicit immune responses. Many hundreds of responses with no one event causing significant harm to the total ecosystem. It's our jobs in the cyber security community to react to these and develop ways to stop them before the inevitable "big one happens," in this case the mass swatter who remains anonymous because they are disciplined, but who also has at their disposal a rudimentary AI system connected to an Asterisk IVR server that can make large volumes of automated swatting calls, causing the US emergency response system to grind to a halt.

This is where there is a very fine line between tackling exploitation via the implementation of technical controls and legal controls. Because the Internet is global, I'm of the mind-set that controlling it via legislative controls has long since past, therefore we'd better be looking for technical solutions before someone exploits the system en masse to cripple a nation.