Faith-Based Daily Awareness Post 10 November 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters. 

Arizona Man Sentenced to Six Years in Prison for Plot Targeting Christian Churches

In March 2025, a jury in Sacramento convicted 46-year-old Zimnako Salah of planting a backpack in the restroom of a Christian church in Roseville in an attempt to instill fear by conveying a hoax bomb threat. Between September and November 2023, Salah traveled to four Christian churches in Arizona, California and Colorado wearing black backpacks. At two of the churches he succeeded in placing the backpacks so that congregants feared they contained bombs; at the other two he was stopped by security before he could plant them.

While executing multiple hoax bomb threats, Salah was simultaneously building a functional explosive device. During a search of his storage unit, an FBI bomb technician seized components that an expert testified were parts of an improvised explosive device (IED), capable of fitting into a backpack. A review of his social-media history showed that he had watched extremist propaganda and, in a cellphone video days before his crimes, declared: “America. We are going to destroy it.” Salah was sentenced to six years in prison.

Analyst Comment: This arrest demonstrates how security incidents can build upon each other. While the end goal was to build and detonate a functional bomb, Salah executed multiple hoax bomb threats to practice placing the bomb. These incidents were practice for him but, also, a chance for security professionals and law enforcement to detect a pattern of behavior that, likely, resulted in his arrest. This incident underlines the importance of reporting on and sharing information about security incidents, both to law enforcement and peer institutions, so such patterns can be detected.

What is a Targeted Attack? A Primer for Activists, Journalists and Nonprofits

The article explains that a targeted attack is a deliberate cyber operation focusing on a specific individual, organization, community or network—often high-value actors like activists, journalists or NGOs—rather than generic mass attacks aimed at financial gain. It emphasizes that these operations aim to monitor, surveil, collect intelligence, control or intimidate the target. These attacks are tailored: attackers research and profile their victim, exploit vulnerabilities (for example via phishing, fake login pages or spyware), infiltrate devices or accounts, and then maintain persistence.

Targeted attacks can have severe and lasting effects on both individuals and organizations. Beyond data breaches or system compromise, victims often face psychological harm such as fear, stress, and self-censorship, as well as organizational consequences like the loss of trust within teams, damaged reputations, and disruptions to essential operations or advocacy work. The actors most likely to conduct targeted attacks are state-sponsored groups, government agencies, and well-resourced private contractors acting on behalf of states.

Analyst Comment: Faith-Based Organizations (FBOs), like journalists and activists, face heightened risks of targeted cyber operations due to their missions, partnerships, and the communities they serve. This risk fluctuates with social and political contexts—for example, the post-9/11 surveillance of Muslim communities by U.S. law enforcement or monitoring of Chinese Christian groups by Chinese intelligence to control diaspora populations. Given that such threats often originate from well-resourced actors, effective mitigation measures may be beyond the capacity of most FBOs to implement.