Faith-Based Daily Awareness Post 31 December 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Reminder there will be no DAP from January 1^st through January 4^th, the DAP will begin posting again on January 5^th. Happy New Year!

‘Not taking any chances’: National Guard to be deployed to NOLA for New Year’s events 1 year after terror attack

City and state officials in New Orleans are deploying heightened security for New Year’s Eve and Sugar Bowl celebrations as the city marks one year since a deadly terrorist vehicle attack on Bourbon Street that killed 14 people. Approximately 800 local, state and federal law enforcement personnel, including members of the Louisiana National Guard, will be positioned downtown to manage enhanced security measures such as street closures, traffic redirects, and bag checks throughout major event zones. The National Guard’s mission will focus on supporting law enforcement in the French Quarter area, with roughly 350 Guardsmen expected to remain through the Carnival season and into Mardi Gras, providing visibility and public safety support amid large crowds. Officials emphasized that these deployments stem from lessons learned following last year’s tragedy and aim to prevent similar incidents.

Analyst Comments: New Year’s Eve consistently presents a high-risk operating environment due to dense crowds, alcohol consumption, symbolic timing, and predictable venues, all of which increase vulnerability to both opportunistic crime and deliberate attacks. The deployment of visible security assets such as National Guard personnel, vehicle barriers, and layered law enforcement coverage serves not only as a deterrent but also as a rapid response capability should an incident occur. Effective NYE security hinges on traffic control to prevent vehicle-borne threats, early crowd management to reduce bottlenecks, and clear coordination between local, state, and federal partners. Just as critical are public communication strategies that encourage vigilance without escalating fear, and contingency planning for evacuation, medical response, and misinformation management. Overall, NYE events underscore the importance of rehearsed, multi-agency planning and sustained security investments, as these threats are not confined to a single year or city but recur annually with similar risk patterns. Members are encouraged to contact local law enforcement and fusion centers to understand any specific threats which may elevate their risk during planned celebrations.

CSI: Community Advisory Bulletin: December 30, 2025

The email is a CSI: Community Advisory Bulletin dated December 30, 2025, issued by the New York State Intelligence Center (NYSIC) and shared via the Community Security Initiative (CSI). It warns that multiple bomb threats targeting synagogues across the United States were circulated on December 30, 2025, with messages from the sender “[email protected]” stating: “I am gonna send bomb threats to over 100 synagogues tomorrow.” The bulletin emphasizes the importance of law enforcement and security personnel assessing each threat carefully to determine whether it is a hoax or credible and responding appropriately based on the situation. It also notes that, at the time of the advisory, there was no specific information indicating credible threats to synagogues in New York State but encourages vigilance and reporting of suspicious behavior. Resources and contact information are provided for regional directors and the Terrorism Tips Line to assist in investigation and response. 

Analyst Comments: In response to mass bomb threat campaigns targeting houses of worship, organizations should prioritize calm, structured preparedness over reactive measures. Leadership should ensure clear procedures are in place for handling threats, including immediate notification of local law enforcement, preservation of threat communications, and predefined decision-making authority for service cancellation, shelter-in-place, or evacuation. Facilities should review access controls, increase situational awareness among staff and volunteers, and encourage the reporting of suspicious behavior without amplifying fear. Communication plans are critical, messaging to congregants should be factual, measured, and focused on safety steps rather than speculation. Even when threats are assessed as likely hoaxes, they still impose operational and psychological strain, making coordination with law enforcement, use of trusted intelligence channels, and post-incident reassurance essential. Ultimately, preparedness, drills, and trusted partnerships reduce disruption, protect congregants, and help institutions respond confidently and lawfully during threat surges.

Salvation Army allegedly breached by Interlock ransomware

The Salvation Army, an international Protestant Christian church and charitable organization, is reported to have been allegedly breached by the Interlock ransomware gang, with attackers purportedly stealing about 93 GB of data from its systems. According to research cited by SC Media and Cybernews, the compromised information included multiple Microsoft SQL Server database backups, one of which contained around 1.6 million donation transactions revealing personal details such as full names, phone numbers, home addresses, and donation amounts. Cybersecurity researchers warn that this exposed data could be exploited for financial profiling, identity theft, and targeted scams impersonating the Salvation Army to lure donations. This incident comes months after the Salvation Army was reportedly targeted by another ransomware group, Chaos, and follows a broader pattern of Interlock’s activity, which has targeted dozens of other organizations over the past year.

Analyst Comments: This incident underscores a broader and increasingly concerning trend: houses of worship and faith-based nonprofit organizations are becoming recurrent victims of ransomware and data-extortion campaigns. Threat actors often perceive these institutions as softer targets due to limited cybersecurity budgets, legacy systems, and a strong reliance on trust-based relationships with congregants and donors. In the case of the Salvation Army, the alleged theft of donor and beneficiary data highlights how attackers can weaponize sensitive personal information not only for financial extortion, but also for secondary harms such as fraud, impersonation, and targeted social engineering against faith communities. Attacks on houses of worship carry disproportionate impact—disrupting charitable services, eroding donor confidence, and placing already vulnerable populations at further risk. As ransomware groups continue to diversify their targeting beyond traditional corporate and government victims, faith-based organizations are increasingly part of the threat landscape, reinforcing the need for improved cyber hygiene, incident response planning, and sector-wide information sharing tailored to nonprofit and religious institutions. You can read more about Interlock Ransomware, including Indicators of Compromise (IOCs) from this CISA Cybersecurity Advisory from July of this year.