This DAP highlights – FB-ISAO Educational Series: Standing Up Security Teams / Critical Infrastructure Security and Resilience Month. DAP also has More Faith-Based Stories and Select All-Hazard Stories. These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.
Faith-Based Daily Awareness Post 26 August 2024
- cybersecurity, faith, General, Headlines, News, preparedness, Resilience, resiliency, Resources, security, threat assessment
Faith-Based Security Headlines
These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.
French police arrest synagogue blast suspect
French police indicated on Saturday that they have arrested a man suspected of setting fires and causing an explosion outside a synagogue in a southern resort. French authorities indicated they were treating the early Saturday blast outside the Beth Yaacov synagogue in the seaside resort of La Grande Motte, near the city of Montpellier, as a potential terror attack. The suspect was caught on CCTV wearing a Palestinian flag. Five people, including the rabbi, were inside the synagogue at the time, authorities said.
Analyst Comments:
The French Jewish community already live under high security, with many synagogues and Jewish schools under police protection. A January 2024 report by the Council of Jewish Institutions in France (CRIF) said there had been a nearly threefold increase of antisemitic acts in France between 2022 and 2023.
Given the recent attack, we are once again encouraging the community to review and act upon the recommendations from CISA’s Physical Security Performance Goals for Faith-Based Communities, which was published last December with input from FB-ISAO.
Additional reading includes:
- Explosions Outside a France Synagogue Were a Terrorist Attack, Prosecutors Say
- Suspect Caught On CCTV In French Synagogue Attack Held Palestinian Flag: Source Close To Probe
Helldown Ransomware Targets East Coast Jewish Federation
In today’s Ransomware Data Leak Sites Report which is sent to members daily, an East Coast U.S. Jewish Federation has been listed as a victim of Helldown Ransomware. According to Red Piranha, Helldown emerged “in the early months of 2023, Helldown ransomware rapidly established itself as a formidable threat in the cybercrime landscape. This malicious software employs a double extortion tactic, encrypting victims’ data and threatening to leak it on the dark web unless a ransom is paid. While the exact origins of Helldown remain shrouded in mystery, security researchers believe it may be linked to a cybercriminal group operating out of Eastern Europe. This group’s previous activities suggest a level of sophistication in malware development and deployment, making Helldown a particularly dangerous adversary.”
Helldown ransomware doesn’t rely solely on brute force. It possesses a diverse arsenal of tactics, techniques, and procedures (TTPs) to infiltrate and compromise systems. Here’s a glimpse into its malicious toolkit:
- Phishing Attacks: Deceptive emails designed to trick users into clicking malicious links or downloading infected attachments are a common entry point. These emails often mimic legitimate business communications, making them more likely to be clicked.
- Exploiting Vulnerabilities: Helldown actively seeks out unpatched vulnerabilities in software and operating systems to gain unauthorised access to networks. This underscores the importance of keeping all software and systems updated with the latest security patches.
- Remote Desktop Protocol (RDP) Exploitation: Like other ransomware strains, Helldown can exploit weaknesses in RDP configurations to gain access to a system. RDP allows remote access to a computer, and misconfigured settings can create a vulnerability for attackers.
- Supply Chain Attacks: Helldown has shown a preference for targeting supply chains, compromising vendors and suppliers to gain access to a wider network of victims. This tactic allows attackers to reach a larger number of victims with a single intrusion.
- Lateral Movement: Once a foothold is established on a single system, Helldown can utilise various tools to move laterally across a network. This allows it to infect additional devices, escalate privileges, and potentially compromise critical systems.
- Data Exfiltration: Before encryption, Helldown often exfiltrates sensitive data like financial records, personal information, and intellectual property. This stolen data serves as additional leverage in extortion attempts, putting pressure on victims to pay the ransom.
- Strong Encryption: The malware utilises robust encryption algorithms to render files inaccessible. Decrypting them without the attacker’s key is extremely difficult, if not impossible. This effectively cripples a victim’s operations until a decision is made.
Analyst Comments:
If you don’t currently receive the daily ransomware reports and would like to, consider signing up for FB-ISAO membership.
CISA offers many ransomware resources including their Stop Ransomware website.
CISA recommends the following mitigation steps to fight against ransomware:
- Routinely take inventory of assets and data to identify authorized and unauthorized devices and software.
- Prioritize remediation of known exploited vulnerabilities.
- Enable and enforce multifactor authentication with strong passwords.
- Close unused ports and remove applications not deemed necessary for day-to-day operations.
More Faith-Based Stories
Congregation Beth Am in Los Altos Hills hit with another hoax bomb threat
Mezuzah stripped from door in LA synagogue’s 3rd defacement in recent months – exclusive
Antisemitic flyers distributed in Virginia’s Stafford county
Jewish cemetery vandalized, set on fire in Melrose
NYPD searching for suspect accused of punching woman, making anti-Muslim comments at her in Brooklyn
Man charged with shooting outside Minneapolis mosque amid drug confrontation
UPDATE: Man faces murder charge after woman’s body found in Athens church fire
‘Direct Attack on Vulnerable Women’: Anti-Israel Vandals Attack Pregnancy Center During DNC
Select All Hazard Stories
Israel and Hezbollah in major missile exchange as escalation fears grow
Hezbollah’s Nasrallah Says Israel Crossed ‘All Red Lines’ as Tensions Flare
Solingen: Main suspect behind deadly attack in custody
US ‘kinetic strike’ takes out senior leader of terrorist group aligned with al Qaeda in Syria
Qilin Ransomware Upgrades and Now Steals Google Chrome Credentials
WhatsApp Shuts Down Iranian Hackers Targeting Trump and Biden Campaigns
Risky Biz News: Digital wallet apps, the new frontier for card fraud
FTC: Five ways to keep scammers and hackers away
How to tell if your online accounts have been hacked
Who is Telegram founder Pavel Durov — and why was he arrested?
More Security-focused Content
The FB-ISAO’s sponsor Gate 15 publishes a free daily newsletter called the SUN. Curated from their open source intelligence collection process, the SUN informs leaders and analysts with the critical news of the day and provides a holistic look at the current global, all-hazards threat environment. Ahead of the daily news cycle, the SUN allows current situational awareness into the topics that will impact your organization. To sign-up for the SUN, send an email to gate15@gate15.global.
Related Posts
This DAP highlights – Thefts from Buddhist and Hindu Temples / DHS’s CP3 Presents: Creating a Culture of Violence Prevention through Civic Engagement / Gate 15’s Weekly Security Sprint EP 87 - AI, MDM, Elections and Hiring Risks. DAP also has More Faith-Based Stories and Select All-Hazard Stories. These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.
This DAP highlights – What is ricin - the biological substance police say they found at Southport suspect's home? / Follow up to the threat of edged weapons and the vulnerability of faith community members when they can be identified in public. DAP also has More Faith-Based Stories and Select All-Hazard Stories. These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.