How to Handle Threats Sent Electronically
Case Study
On Thursday, December 13, 2018, a wave of bomb threats were sent to various English-speaking countries around the world, including the U.S., via email. One facility included a hospital, Hillsboro Community Hospital, in Kansas. These threats were meant to cause disruption and/or obtain money.
These bomb threats sent via email were not found to be credible.
The emails shared the following similarities:
Claimed that a person had carried an explosive device into your office building.
Demanded 5 to 6 bitcoins (~$18,000 to ~$22,000 as of December 2018).
Claimed that the explosive device would be detonated if there was any police activity or unusual behavior.
Listed a specific explosive like tetryl, trinitrotoluene, or hexigen.
This wave of emails is unfortunately not new and similar to a widespread ransom scam earlier in 2018 where scammers sent an email claiming that they had recorded webcam footage of targets watching adult content online. It has been reported that scammers in this instance were able to fool at least 30 victims and received at least 7 bitcoins (~$50,000 as of July 2018) in ransom payment.
How to Respond
In this scenario, if you had received a similar email, it is recommend that you contact local police immediately.
Do not respond or try to contact the sender.
Do not pay the ransom or take any further action until you have spoken to police.
Keep the email as evidence.
At Pointe Coupee General Hospital, Emergency Preparedness’ has specific policies related to bomb threats. This information can be found in the Emergency Preparedness Policies and Procedures, located in the Hospital Policies folder on every PCGH desktop. There is even a bomb threat form that asks specific, pertinent questions that can aide law enforcement.
When faced with these scenarios, it is always best to remain calm, treat every threat as credible until more information is made available, and promptly report suspicious activities to law enforcement or a superior.