Faith-Based Daily Awareness Post 19 December 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Stabbing Near Chabad Headquarters Investigated as a Possible Hate Crime

On Tuesday in Crown Heights, Brooklyn, a 35-year-old Jewish man was stabbed in the chest in an incident the NYPD is investigating as a possible antisemitic hate crime. The attack occurred near Kingston Avenue and Lincoln Place, just blocks from the Chabad-Lubavitch headquarters, on the third night of Hanukkah. Police say the confrontation began as a verbal dispute; the suspect reportedly made antisemitic remarks before repeatedly stabbing the victim, who was treated at Kings County Hospital and released in stable condition. Authorities are searching for the suspect, who was seen wearing a dark jacket, and have increased patrols in the neighborhood as the investigation continues. ⁠Outgoing city officials condemned the violence, and the NYPD’s Hate Crimes Task Force is leading the inquiry. This assault follows heightened concerns about antisemitic incidents in New York during the holiday season, including another altercation involving Jewish men on the subway that authorities were also scrutinizing for bias motives.

Analyst Comments: From an operational risk perspective, this incident reinforces the persistent threat environment facing visibly Jewish individuals and institutions, particularly during religious holidays that increase foot traffic and public visibility. Even isolated, low-tech attacks can have outsized impacts on community perceptions of safety and continuity of daily activities, prompting heightened security postures, increased law enforcement presence, and potential disruption to religious observance. The location near a well-known religious hub underscore how symbolic or familiar sites can attract opportunistic violence, emphasizing the importance of situational awareness, coordinated security planning, and rapid information sharing between community organizations and authorities. While investigations continue, the broader risk takeaway centers on preparedness, deterrence through visibility, and post-incident reassurance measures to reduce fear and prevent secondary effects such as reduced attendance or self-imposed isolation.

North Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true location

A recent report details how Amazon uncovered a North Korean operative embedded as a remote IT systems administrator by noticing an unusual pattern in their computer’s behavior: keystroke inputs showed a consistent latency of about 110 milliseconds, far higher than the typical delays seen from U.S.-based remote workers. That discrepancy raised red flags with Amazon’s security team and led to deeper investigation, revealing that the worker’s actual location did not match their claimed U.S. address and that the connection was being relayed through proxies, consistent with remote access from abroad. Amazon’s Chief Security Officer has said the company has blocked more than 1,800 similar infiltration attempts since April 2024, underscoring efforts by nation-state actors to exploit remote work roles for financial gain or potential espionage and highlighting the role of detailed behavioral and network telemetry in detecting such disguised intrusions.

Analyst Comments: This case highlights a real and ongoing risk that can affect organizations of any size, including faith-based and nonprofit groups that rely on remote workers or outside service providers. North Korean IT workers have repeatedly gained access to Western organizations by posing as legitimate remote employees, often appearing skilled, dependable, and professional. Because of this, traditional hiring checks or basic trust in resumes and interviews are often not enough to catch the issue early.

For smaller organizations without a dedicated cybersecurity team, the key takeaway is awareness and accountability, not technical complexity. If your organization uses third-party IT vendors, managed service providers, or remote contractors, this is an opportunity to ask direct questions:

• How do you verify the identity and location of your remote workers?
• Do you monitor for unusual login behavior or foreign access patterns?
• What controls are in place to prevent shared accounts or unauthorized devices?

Organizations should treat remote access as something that requires ongoing attention, not a one-time setup. Even simple steps such as limiting system access to only what is necessary, requiring strong authentication, and regularly reviewing who has access can reduce risk significantly.