Faith-Based Daily Awareness Post 2 May 2024

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Arson Awareness Week is May 5-11: Protecting Houses of Worship — Fire as a Weapon

The U.S. Fire Administration is presenting it annual Arson Awareness Week. This year’s theme is “Protecting Houses of Worship — Fire as a Weapon.”

From the U.S. Fire Administration website:

“Each year from 2020 to 2022, an estimated average of 1,300 fires in places of worship were reported to fire departments in the U.S. These fires resulted in an estimated annual average of $74.6 million in property loss.”

Protecting Houses of Worship – Fire as a Weapon Webinar
The U.S. Fire Administration is presenting a “Protecting Houses of Worship – Fire as a Weapon Webinar.”  Information on the webinar is below.

Arson Awareness Week is May 5-11 and this year’s theme is “Protecting Houses of Worship – Fire as a Weapon.” The NVFC and USFA are holding a webinar to support this year’s theme with representatives from the Cybersecurity and Infrastructure Security Agency (CISA). Briefings will include a historical review of attacks on houses of worship using fire as the weapon; a threat and intelligence review of current threat actors, targets, and trends; and a discussion on preventing, protecting, mitigating, and response and recovery for arson events involving houses of worship. There will be a question and answer period following the briefings.

Date: Monday, May 6, 2024
Time: 2:00 p.m. (EDT)Presented by:

• Joseph Larkin, Section Chief, Stakeholder Engagement Division;
• Victoria M. Rossi, Supervisory Intelligence Specialist, CISA Intel – Analysis Branch, and
• Bob Winters, Protective Security Advisor

Click here to register.

Additional Resources

The Protecting Houses of Worship Against Arson website provides a variety of recommendations and guidance to protect houses of worship from arson.

Analyst Comments:

The Protecting Houses of Worship Against Arson website cites that 15% of fires in houses of worship are intentionally set, so arson is a serious threat to Faith-Based Organizations (FBO). Most arson fires occur in buildings when FBO members are not present, but fire can be used as a weapon in a terrorist attack on an occupied house of worship. An accidental fire can also do great harm and possibly cause casualties.

While much of the Protecting Houses of Worship Against Arson website is aimed at fire service personnel for them to present to FBOs, all of the information provided can be used directly by FBOs.

Recent Incidents:

1 May: Warsaw synagogue attacked with three firebombs in the night, but no one is hurt.

1 May: Massive fire destroys Catholic church in Avondale: ‘Devastating loss for the community’

20 Apr: Man accused of burning N.J. church while battling bugs will remain jailed, judge says

24 Apr: Man charged with hate crime after Yucaipa church damaged by fire

21 Mar: Eight-alarm fire destroys large New Jersey church despite efforts of over 150 firefighters

National Small Business Week and Cybersecurity Resources

Cyber threats remain a constant threat to Faith-Based Organizations (FBO) and their members. During National Small Business Week, the following resources can be used by FBOs of all sizes.

During National Small Business Week, Take Steps to Secure Your Business | CISA

Small businesses are the target of cyber criminals because small businesses don’t always have the resources to invest in cybersecurity.

CISA provides Secure Your Business: 

1. Train staff to recognize phishing. Emphasize the harm phishing emails can cause while educating employees on what to look for in a phishing email and encouraging everyone to think before they click on any links or attachments.  
2. Require strong passwords. As the first line of defense in stopping criminals from accessing accounts, passwords should be random, unique, and at least 16 characters long. Avoid using the same password for multiple accounts and enable an enterprise-level password manager so that the only password you need to remember is the one for the password manager.  
3. Require multifactor authentication (MFA). MFA requires more than a password to access your accounts, such as a texted code, biometric scan, or access card. With more than 310 million smartphone users in the U.S., it’s easy to use a smartphone or tablet to implement MFA. 
4. Update any software used for business. Out-of-date software is easily exploited to steal business, employee, and customer data. Enable automatic software updates on connected devices used for business so they automatically get the latest security patches. It is also incredibly important to be aware of any outdated or unsupported software or hardware, so make sure to inventory and update them.

Additional Cybersecurity Resources:

Shields Ready | CISA

As a companion to CISA’s Shields Up initiative, Shields Ready drives action at the intersection of critical infrastructure resilience and national preparedness. This campaign is designed to help all critical infrastructure stakeholders to take action to enhance security and resilience—from industry and businesses to government entities at all levels, and even individuals by providing recommendations, products, and resources to increase individual and collective resilience for different risk contexts and conditions. 

Logging Made Easy | CISA

CISA’s newest tool is a free and open logging and protective monitoring solution serving all organizations. Secure your Windows-based equipment today with Logging Made Easy.

CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices | CISA

CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s).

• Use Secure Cloud Identity and Access Management Practices
• Use Secure Cloud Key Management Practices
• Implement Network Segmentation and Encryption in Cloud Environments
• Secure Data in the Cloud
• Mitigate Risks from Managed Service Providers in Cloud Environments

Forta’s Tripwire: 10 Database Security Best Practices You Should Know | Tripwire

Most FBOs have databases, and Forta’s best practice suggestion can help protect them.

National Small Business Week: IRS warns entrepreneurs to take precautions on data security; protect their businesses, employees, customers

The IRS explains attackers and there methods,and suggests protective methods.

Related Item from IRS:

• IRS recommends safeguarding information in case of natural disasters 

As always, Faith-Based ISAO’s website provides resources in the Resource Library, including information on Protecting Digital Assets.

College Campus Protests Continue

• Massive police operation dismantles UCLA pro-Palestinian camp, makes numerous arrests
• Inside the UCLA encampment on a night of violence
• Videos show pandemonium on UCLA campus as cops try to break up anti-Israel encampment
• UCLA issues dispersal order as standoff continues with pro-Palestinian demonstrators
• UCLA anti-Israel protests: Violence erupts as delayed police response sparks criticism

• Northwestern Dean joins protest at Campus Jewish Center

• CAIR-LA, Partners Address Recent Violence Against UCLA Students, Police Inaction (Video)
• Berkeley takes hands-off approach to Gaza campus protests. Columbia called the police
• Warning of ‘outside agitators,’ Eric Adams escalates rhetoric against Columbia protesters
• Wife of convicted terrorist Sami Al-Arian was hanging out at Columbia encampment before dramatic raid
• Columbia goes remote after campus arrests
• Emory University protests spark up, suspicious bag found in area
• Revealed: Emory University investigated over alleged anti-Muslim discrimination
• Stanford submits ‘deeply disturbing’ photo of campus anti-Israel protester wearing Hamas headband to FBI
• Live coverage: Encampment meets day seven under congressional, mayoral attention
• Comer Announces Hearing on the District of Columbia’s Response to Radical, Antisemitic, and Unlawful Protests at GWU
• Oversight of D.C.’s Response to Unlawful Activity and Antisemitism
• At Indiana University, Protests Only Add to a Year Full of Conflicts
• Pro-Palestine protest at UPenn continues into day 6 as university takes disciplinary action
• CAIR-FL to Call Out University of South Florida, Hillsborough Co. Police for Endangering Peaceful Student Protesters
• House GOP wins bipartisan passage on antisemitism bill as protests flare
• CAIR Condemns House Adoption of Misleading Antisemitism Awareness Act, Urges Congress to Address All Forms of Bigotry