Faith-Based Daily Awareness Post 15 February 2024

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Ontario student arrested, charged for allegedly plotting shooting at his high school

An 18-year-old student has been arrested and is facing attempted murder charges after police say he had “every intention” to carry out a shooting at an Ontario, California high school, and had several firearms and a cache of ammunition in his home.

Sebastian Villasenor, a student at Ontario Christian High School, was taken into custody after a fellow student came forward with concerns of Villasenor being fixated with school shootings and had access to weapons, Ontario Police Chief Michael Lorenz said at a news conference Wednesday afternoon.

Lorenz said investigators believe Villasenor may have been planning a shooting around April 20, which is the anniversary of the 1999 attack at Columbine High School.

Analyst Comments:

There are several items of importance to highlight in this story. The first is the importance of bystanders speaking up when they witness potentially dangerous behavior. As this example illustrates, that simple act can save lives and potentially prevent a mass casualty situation. Last year CISA and the U.S. Secret Service released a resource, K-12 Bystander Reporting Toolkit which any member with connections to school environments is encouraged to utilize.

The second is that investigators believe Villasenor was targeting the Columbine anniversary for a potential attack. There are many examples of individuals utilizing previous incidents as inspiration for attacks, and it is not uncommon for these individuals to target those dates. FB-ISAO regularly posts upcoming anniversaries of hostile events and organizations are encouraged to review those dates and factor that in to ongoing threat assessments.

Romanian hospital ransomware crisis attributed to third-party breach

The Romanian national cybersecurity agency (DNSC) has pinned the outbreak of ransomware cases across the country’s hospitals to an incident at a service provider. It said an unnamed service provider reported an issue prior to the flood of hospitals alerting the agency to the attacks. The service provider operates the Hipocrate Information System (HIS) – a multipurpose healthcare management platform used by hospitals across the country. All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS.

Analyst Comments:

Third-party risk continues to be a major concern for all organizations. The more vendors that are tied into a network, the greater the exposure is. FB-ISAO encourages members to conduct thorough third-party risk management questionnaires before incorporating other organizations into networks that house sensitive data or control important systems. Every weekday, the FB-ISAO publishes a Ransomware Data Leak Sites Report, which lists organizations that have appeared on ransomware gang dark web blogs. Members are encouraged to review those reports to identify any potential third or fourth party connections to their own organization, that may put their own information security operations at risk.