Faith-Based Daily Awareness Post 10 April 2024

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

FB-ISAO Newsletter

Volume 6, Issue 4

April-2024

Articles in this month’s newsletter include:

The Threat and Incident Response Working Group Issued an Update to Threat Level Statement

Both the Physical and Cyber Threat Levels remain ‘ELEVATED.’” The article discusses how FB-ISAO Threat and Incident Response Working Group determines threat levels and provides links to the entire March 2024 Threat Level Statement Update and useful resources.

Fraud and Scams

This article discusses and links to the FBI’s annual Internet Crime Complaint Center (IC3) report.

The newsletter Spotlights:

Great Way to Contribute to FB-ISAO’s Mission

In a community of force multipliers, not everyone contributes the same way, so we’ve come up with yet another way for community members to be force multipliers – guest blog posts! The Spotlight details the opportunity to be a guest blogger.

The newsletter also covers the FB-ISAO Advisory Board, how to join FB-ISAO, FB-ISAO Slack, and upcoming FB-ISAO events.

The April 2024 Newsletter has been directly distributed to members and may be accessed here.

Want this newsletter delivered directly to your inbox each month? Membership in FB-ISAO is open to all Faith-Based Organizations including Houses of Worship, Charities, Faith-Based Schools and their affiliated organizations. Join FB-ISAO!

Threats made against multiple Jewish institutions, synagogues across the Philadelphia region

The Philadelphia Police Department is investigating after threats were made on Tuesday against multiple Jewish institutions and synagogues. Investigators are working alongside the FBI’s Joint Terrorism Task Force, the Jewish Federation of Greater Philadelphia, and the Anti-Defamation League of Philadelphia. An email sent to the Jewish Federation of Greater Philadelphia Tuesday threatened to blow up synagogues and other facilities. Law enforcement has since deemed the threat a hoax. This incident happened amid a warning from the FBI about the risk of terrorist attacks. According to investigators, the email contained no credible threat and no specific facilities were mentioned.

Related articles:

• Bomb-sniffing dogs called to synagogue after hoax threat emailed to Pennsylvania Jewish organizations
• Allentown Jewish facilities evacuated after email bomb threat
• Hoax bomb threat email caused evacuation of Harrisburg synagogue

Analyst Comments:

Resources are available to Faith-Based Organizations. Several FB-ISAO Daily Awareness Posts (DAP) have reported on prior bomb threat incidents and provided resources, including:

• Faith-Based Daily Awareness Post 16 January 2024
• Faith-Based Daily Awareness Post 20 December 2023
• Faith-Based Daily Awareness Post 18 December 2023

Also, Faith-Based Daily Awareness Post 04 January 2024 highlighted the FEMA Bomb Threat Assessment for Decision Makers Course. The online course continues through April.

Furry hackers kick off campaign against anti-trans churches by doxing YouTube pastor (update)

The self-described gay furry hackers in SiegedSec relaunched a hacktivism campaign aimed at targeting those critical of transgender rights. The effort, dubbed #OpTransRights, initially began last year when the group targeted government websites in five states with policies against matters such as gender-confirming healthcare. Now, instead of focusing on government entities, SiegedSec plans to target “churches, media sources, and other organizations.” The campaign’s first action took place on April 1, when SiegedSec announced that it had hacked the River Valley Church in Burnsville, Minnesota, due to the pastor’s views towards transgender people… In their announcement regarding the new campaign, SiegedSec revealed that they had taken actions against the church once again. Yet this time, the group chose to dox the church’s pastor Rob Ketterling, which included the release of his personal cell phone number.

Analyst Comments:

Faith-Based Organizations should consider maintaining cybersecurity. The Faith-Based Daily Awareness Post 2 April 2024 reported on this group stealing church funds. The DAP also provided resources to prevent hacks and other cybersecurity issues.

Also, CISA provides a 3-page CISA_Insight_Mitigating_the_Impacts_of_Doxing.

Weekly Security Sprint EP 60. Cyber news and breaches, security mindfulness, all-hazards and more!

The Gate 15 Security Sprint is a weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.

In this Week’s Security Sprint, Dave and Andy discuss:

• US Environmental Protection Agency hack exposes data of 8.5 million users
• Sophos – Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector

They also reported:

• 4X higher overall attack recovery costs ($3M vs. $750k for compromised credentials)
• Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out
• Bomb threats follow Libs of TikTok’s campaign against Planet Fitness
• Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023
• Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023.pdf
• Cyber board says Chinese hack of US officials was ‘preventable’
• Microsoft faulted for ‘cascade’ of failures in Chinese hack

The above Gate 15 Weekly Security Sprint website also provides links to many security-related items of interest.

Information on other Gate 15 podcasts can be found at Podcasts (gate15.global).