How the FB-ISAO is Taking Action to Build Resilience Amid Escalating Tensions in the Middle East

The Faith-Based Information Sharing and Analysis Organization (FB-ISAO) provides members with information, analysis, and capabilities to help reduce risk while enhancing preparedness, security, and resilience. We are an all-faiths and all-hazards information sharing organization.

In 2023 and 2024, the FB-ISAO tracked 1027 and 841 incidents respectively affecting houses of worship. In late 2023, we saw a spike in incidents that correlates to the start of the war between Israel and Hamas. Geopolitical tensions have continued since October 2023 which have complicated the threat environment here at home. Faith-Based Organizations and houses of worship have been victims of arson, harassment, protest activity, defacement and assaults.

The escalating tensions between Israel and Iran in June of 2025 and with the U.S. conducting bombings of Iran’s nuclear facilities, the threat environment continues to compound. Following Israel’s direct strikes on Iranian nuclear sites and command structures (as of this blog’s publishing, the Israel-Iran ceasefire appears to be holding, but it remains unclear if the pact will hold for the long term,) Iran may increasingly turn to non-conventional forms of retaliation abroad. Its long-established networks, particularly Hezbollah and the IRGC’s (Islamic Revolutionary Guard Corps) Quds Force, maintain operatives and assets in North America and Europe, many of whom have previously surveilled Jewish targets, including synagogues, schools, and Israeli diplomatic facilities. Jewish, and some supporting Christian houses of worship, may treat this period as one of exceptional risk. The threat profile now includes not only lone actors inspired by online propaganda but also potentially pre-positioned foreign operatives who have surveilled Jewish institutions in major U.S. cities. Iranian-aligned cyber actors (including state-affiliated hackers and ideologically motivated hacktivist fronts) have repeatedly targeted Jewish and Israeli-linked institutions during periods of heightened regional conflict. These actors have historically deployed tactics such as website defacements, distributed denial-of-service (DDoS) attacks, and credential phishing campaigns. In recent days, we have seen a number of data breaches impacting organizations in Israel, and such tactics could be aimed more broadly. The U.S. Department of Homeland Security recently released a report warning Houses of Worship and critical nonprofits to prepare for elevated hacktivist activity in the context of the ongoing Middle East escalation. (FB-ISAO Members should be on the lookout for our Weekly Report focused on the hacktivist threat, publishing this Thursday.)

Politico published an article on 17 June titled, “US critical networks are prime targets for cyberattacks. They’re preparing for Iran to strike.” Andy Jabbour, founder and senior adviser for the FB-ISAO is quoted in the article. Andy said the FB-ISAO “is working with the National Council of ISACs on scanning for these threats and noted that the council had stood up a program following the first strikes by Israel on Iran late last week to monitor for specific threats to U.S. infrastructure. The FB-ISAO is monitoring for potential efforts by Iranian-linked hackers to infiltrate the websites of U.S. religious groups or spread disinformation.” FB-ISAO staff and members continue to share information with our colleagues across critical infrastructure and in the broader information sharing communities on a daily basis. On June 19, the FB-ISAO held a snap call to brief members on the current threat environment and to offer guidance for preparedness should there be incidents or attacks to member organizations. And as the situation continues to evolve, The FB-ISAO will continue to lean into proactively discussing threats, risks and mitigation. In that regard, members of the FB-ISAO Threat and Incident Response Working Group are evaluating the current threat level and will issue an update with additional guidance.

On June 22, DHS issued a National Terrorism Advisory System Bulletin which articulates the threat and the concerns. “The ongoing Iran conflict is causing a heightened threat environment in the United States. Low-level cyber attacks against US networks by pro-Iranian hacktivists are likely, and cyber actors affiliated with the Iranian government may conduct attacks against US networks. Iran also has a long-standing commitment to target US Government officials it views as responsible for the death of an Iranian military commander killed in January 2020. The likelihood of violent extremists in the Homeland independently mobilizing to violence in response to the conflict would likely increase if Iranian leadership issued a religious ruling calling for retaliatory violence against targets in the Homeland. Multiple recent Homeland terrorist attacks have been motivated by anti-Semitic or anti-Israel sentiment, and the ongoing Israel-Iran conflict could contribute to US-based individuals plotting additional attacks.”

Maggie Miller in her Politico article says, “Beyond federal resources, thousands of the nation’s critical infrastructure operators turn to information sharing and analysis centers and organizations, or ISACs, for threat intelligence.” Our members share information with each other daily on the FB-ISAO collaborative workspace. The intent of the information sharing is to help protect the community from on-going threats. Now, more than ever, communities, banded under ISACs and ISAOs play a critical role in building resilience. Membership information is available here.