Community Guidance re Friday, Oct 13 Day of Action
October 13, 2023
On October 10, 2023, Hamas issued an official statement designating Friday, October 13, 2023, a day of action titled “the Friday of al-Aqsa Flood.” In their announcement, they called on the international community to voice solidarity with the Palestinian people and their cause by engaging in mass gatherings. They also called on individuals living in the West Bank and East Jerusalem to take part in mass protests against Israel.
A video has also surfaced featuring founding member and former Hamas leader, Khaled Mashal, praising the recent attack and calling on everyone to mobilize. He allegedly called on people in the region, particularly, to engage in uprising and resistance. He also allegedly encouraged individuals around the world to engage in the “Friday of Al-Aqsa Flood” to send a message of solidarity and anger to Zionists and America. He stated that jihad is everyone’s duty and an individual responsibility. The video appears to have been removed from mainstream sources.
The JSA is in close coordination with each other and our law enforcement partners, and at this time there are no known credible threats to the Jewish communities in New York and New Jersey. Accordingly, we are advising institutions to remain open and operational. However, given the heightened tensions, we encourage institutions to implement the following security precautions and procedures:
- LIMITED BUILDING ACCESS: Limit your building access to only one entrance/exit. Ensure all doors remain locked at all times and are only unlocked to admit known individuals. Do not open doors for unknown individuals.
- DROP OFF & PICK UP: Security and staff should be outside at this time and on the lookout for any suspicious individuals in these high traffic times.
- PERIMETER SWEEP: Upon opening your institution, conduct an outside sweep of your building’s perimeter. Report any suspicious items or individuals lurking outside to law enforcement immediately.
- CAMERA COVERAGE: Ensure all building cameras are on and properly recording. Designate an individual to review security footage continuously throughout the day.
- SYSTEMS CHECKS: Ensure that anything that is battery powered or electronically controlled is working properly. This could include access controls, panic buttons, AEDs, etc.
- MAIL AND DELIVERIES: Thoroughly screen any packages and mail that come to the building. If you didn’t order it, do not accept it. Review your institution’s procedures for suspicious mail.
- ACTIVE THREAT PROTOCOLS: Review your institution’s active threat situation protocols and ensure relevant staff are up to date on procedures. Consider conducting an institution-wide drill.
- LAW ENFORCEMENT: Connect with your local law enforcement and provide them your schedule over the coming days, including school and prayer times.
Consultant’s Corner
Welcome to Consultant’s Corner. We have archived our training videos to assist you with your grant process.
Consultant’s Corner 2022-2023
12-20-2022
EHP Preparation
12-6-2022
How To Apply For The NYS Hate Crimes Grant (SCAHC)
11-22-2022
I Got A Government Security Grant – Now What?
View all our 2022-2023 training videos here in sequence:
https://www.youtube.com/embed?listType=playlist&list=PLpJUEi2clah-KzCWHz7VNpYiMRmZAo7mi&v=e8U1AgANtlE
Consultant’s Corner 2021-2022
3-29-2022
Developing a Training Program
3-22-2022
Year-to-Date Topics Summary
3-15-2022
Special Presentation: Your Security and Grant Questions Answered Live
3-8-2022
Reducing Door, Frame & Hardware Vulnerabilities
3-1-2022
Access Control 2; Mindset Plus Technology
2-22-2022
Access Control
2-15-2022
Protecting Windows
2-8-2022
Procurement Process
2-1-2022
Door Hardware and Door Hardening
1-25-2022
RFP Package Continued: Basics of Product Research
1-18-2022
RFP Package Part 2 and Lessons from Colleyville
1-11-2022
RFP and Bid Management
1-4-2022
Grant Management Part II
12-14-2021
Securing Communities Against Hate Crimes Grant (SCAHC)
12-7-2021
Environmental and Historic Preservation Form (EHP)
11-30-2021
Appointing A Project Manager
11-23-2021
What Do We Need, and How Do We Get Bids?
11-16-2021
I Received A Security Grant, Now What?
View all our 2021-2022 training videos here in sequence:
https://www.youtube.com/embed?listType=playlist&list=PLpJUEi2clah9esJQ8W3VtWZAsNRXdf98m&v=uuCRE_vilr4
CSI Cyber: New ransomware resources
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a cybersecurity advisory, “DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks.” CISA and FBI are urging critical infrastructure asset owners and operators to adopt a heightened state of awareness and implement the recommendations listed in this advisory.
Recently, DarkSide actors deployed DarkSide ransomware against a U.S. pipeline company’s information technology (IT) network. In response to the cyberattack, the company proactively disconnected certain operational technology (OT) systems to ensure the safety of the system. At this time, there are no indications that the threat actor moved laterally to OT systems.
This joint advisory provides technical details on DarkSide actors and some of their known tactics and preferred targets. According to open-source reporting, DarkSide actors have been targeting multiple large, high-revenue organizations. Also, the actors have previously been observed gaining initial access through phishing, exploiting remotely accessible accounts and systems and virtual desktop infrastructure.
CISA and FBI strongly recommend that critical system owners and operators prioritize reading this advisory and follow recommended mitigation and guidance to help protect against this malicious activity. In addition to the cybersecurity advisory, CISA and FBI urge critical infrastructure asset owners and operators to review the following resources for best practices on strengthening cybersecurity posture:
- Joint Ransomware Guide (CISA and Multi-State Information Sharing and Analysis Center)
- CISA Ransomware Webpage: Ransomware Guidance and Resources
- CISA Insights: Ransomware Outbreak
- CISA Pipeline Cybersecurity Initiative
- CISA Pipeline Cybersecurity Resources Library
Victims of ransomware should report it immediately to CISA, a local FBI Field Office, or a Secret Service Field Office.
Cybersecurity: Protecting your people and your systems
As cybersecurity concerns heightened, both worldwide and in the Jewish community, the Community Security Initiative and CISA offered a cybersecurity webinar on December 17, 2020. R. S. Richard Jr., CISM, CCISO, Cybersecurity Advisor, Region II of the Cybersecurity and Infrastructure Security Agency (CISA), explained important cybersecurity measures that organizations should consider adopting and the resources that CISA makes available. View the video here and the presentation here.
CISA recently released its Cyber Essentials Toolkit, a set of modules designed to break down the CISA Cyber Essentials into bite-sized actions for technical staff and organizational leadership to work toward full implementation of each Cyber Essential. Each chapter focuses on recommended actions to build cyber readiness into the six interrelated aspects of an organizational culture of cyber readiness. We urge you to download and review these valuable tools.
Chapter 1: Yourself, The Leader – Drive Cybersecurity Strategy, Investment, and Culture
This chapter focuses on providing leaders with an understanding of what it takes from the top to drive a culture of cyber readiness within their organizations. Topic areas include: leading investment in basic cybersecurity; determining how much of the business’ critical operations are dependent on IT; how to approach cyber as a business risk; leading the development of cybersecurity policies; and building networks of trusted sector partners and government agencies for information sharing.
Chapter 2: Your Staff – Develop Security Awareness and Vigilance
This chapter focuses on an organizational approach to cybersecurity by educating employees and providing training resources that encourage cyber awareness and vigilance. Topic areas include: leveraging basic cybersecurity training; developing a culture of awareness; learning about phishing and other risks; identifying available training resources; and maintaining awareness of current cyber events.
Chapter 3: Your Systems – Protect Critical Assets and Applications
This chapter focuses on an organizational approach to cybersecurity by securing network assets and information. Topic areas include: learning what is on your network; leveraging automatic updates; implementing secure configurations; removing unauthorized hardware and software; leveraging email and browser security settings; and creating approved software policies.
Chapter 4: Your Surroundings – The Digital Workplace
This chapter focuses on an organizational approach to cybersecurity by ensuring only those who belong on your digital workplace have access. Topic areas include: learning who is on your network; leveraging multi-factor authentication; granting appropriate access and admin permissions; leveraging unique passwords; and developing IT policies to address user statuses.
Chapter 5: Your Data – Make Backups and Avoid the Loss of Information Critical to Operations
This chapter focuses on providing leaders with an understanding of what it takes to ensure their organization’s data is secure and recoverable. Topic areas include: learning what information resides on the organization’s network; learning what is happening on the network; domain name system protection; learning how the organization’s data is protected; leveraging malware protection capabilities; establishing regular automated backups and redundancies of key systems; and leveraging protections for backups.
Chapter 6: Your Crisis Response – Limit Damage and Quicken Restoration of Normal Operations
This chapter focuses on responding to and recovering from a cyber attack. Topic areas include: developing an incident response plan and disaster recovery plan; using business impact assessments to prioritize resources and identify systems to be recovered; knowing who to call for help in the event of a cyber incident; and developing an internal reporting structure to communicate to stakeholders.
New CISA resource for Screening: The Power of Hello
When is a “hello” not merely a “hello”?
Remember: only “approved” individuals should be able to enter your facility. The right greeting can be a critical component of your security protocols, and can help you balance the need to be warm and welcoming with making sure that everyone who comes through our doors is safe and secure. Security goes beyond just having solid doors. In the real world, someone has the responsibility to observe, evaluate suspicious behaviors and, ultimately, decide whom to admit.
Technology offers many solutions (ID cards, fobs, facial recognition, biometrics and more) to verify those who we know, but what about those we don’t? It all comes down to screening. A screener can be an employee or a volunteer. What’s important is that they know your people.
Who shows up at our doors?
- The vast majority of the people who attend religious services are regulars. It is best practice to have someone at the door who knows most of the attendees and will welcome them upon arrival. They fill the largest bucket.
- A warm, simple greeting (Welcome, is this your first time here? Are you looking for someone in particular?) will usually elicit a response (e.g., I’m here for the Cohen bar mitzvah). Take the time to ask the Cohens for their guest list. Your screener can readily check that the visitor is on the list. These visitors fit into the smaller, second bucket.
- That leaves the Unknowns. What steps should be taken when an Unknown is at the door? How can the screener decide whether an Unknown is a threat or a potential member of your congregation or facility?
DHS CISA’s new guide
Simply saying “Hello” can prompt a casual conversation with a new person, providing an opportunity to observe and establish a connection. CISA calls it the “OHNO approach: Observe, Initiate a Hello, Navigate the Risk, and Obtain Help,” developed to enable screeners to observe and evaluate suspicious behaviors, and to empower them to lower the risk and obtain help when necessary.
This guide promotes employee vigilance for our houses of worship stakeholders. Alert personnel can spot suspicious activity and report it. Keeping houses of worship facilities secure while sustaining the open and welcoming environment necessary for peaceful congregation requires a holistic approach to security.
Download these materials and think about how this guidance can make your facility safe and secure, without undermining your wish to be warm and welcoming. As always, institutions in New York City, Long Island and Westchester can reach out to their Community Security Initiative (CSI) regional security manager for assistance. Click here to send an email. Check out the new CSI video here.
Download links
Power of Hello Slicksheet (272.54 KB)
Power Hello Placemat (313.91 KB)
The Power of Hello Houses of Worship guide (2.1 MB)