Faith-Based Daily Awareness Post 7 April 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.    

Two arrested in Paris over suspected terror plot, explosives found

French authorities have thwarted a suspected terror plot following a series of arrests and explosive discoveries in Paris. Police in Paris arrested two men on Sunday on suspicion of criminal conspiracy linked to a terrorist plot, as well as possession of explosives, according to France’s national anti-terrorist prosecutor’s office.

French media outlets reported that the main suspect, a 19-year-old from northern France, is believed to have connections with the “Islamic State militant group” – claims his lawyer has firmly denied. Le Parisien newspaper reported that one suspect had written a pledge of allegiance to Islamic State and was allegedly planning to carry out an attack in a public space.

Analyst Comments: In a recent Global Forecast, OSAC assessed that ISIS continues to inspire attacks in 2025 and we continue to see online propaganda encouraging attacks. The EU’s most recent Annual Terrorism Report stated that “Young people were involved in planning attacks, creating propaganda and inciting violence. Radicalization often occurs online through virtual communities that reinforce extremist views and target younger audiences with visually appealing content.” That report can be found here. OSAC recommends the following resources:

• Terrorism Alerts and the Private Sector
• U.S. Violent Extremist Mobilization Indicators 2021 

CISA braces for deep staffing cuts

A new round of personnel cuts at CISA could see as many as 1/3 of the agency depart which are expected to impact “every single part of the agency.” A new “Fork in the Road” email is expected soon, with additional layoffs anticipated depending on how many people accept the administration’s offer. Cuts reportedly include 75 contract personnel who work on CISA’s threat hunting operations.

Analyst Comments: The agency has cut funding to several election security efforts, spurring concerns among state and local election officials who relied on the agency for threat intelligence about adversaries targeting their elections. CISA said last month that it was terminating contracts “where the agency has been able to find efficiencies and eliminate duplication of effort,” including in its red team operations.

As we have previously stated, shifts in administration priorities is bound to disrupt normal operations, and any impact to threat intelligence sharing between agencies like CISA and the private sector will only enhance the importance of non-government led information sharing initiatives like the Faith-Based ISAO. We are resharing a LinkedIn post from FB-ISAO Founder and Board President Andy Jabbour that addresses some recent messaging around CISA downsizing and the importance of ISACs/ISAOs.

From Colorado storage unit, Arizona man practiced placing bombs in churches

A Phoenix man who traveled across the western U.S. to sneak backpacks into Christian churches in three states was simultaneously assembling bomb-making materials in Colorado, according to a federal investigation. He was convicted Friday of a federal hate crime. Between September and November of 2023, Zimnako Salah traveled to four Christian churches in Arizona, California, and Colorado while wearing black backpacks. At two of those churches, Salah planted the backpacks, “placing congregants in fear that they contained bombs,” the U.S. Department of Justice stated in a press release. 

Analyst Comments: This case brings up several considerations for Houses of Worship. The first is that Salah’s actions of visiting multiple houses of worship with backpacks could be considered reconnaissance for future attacks, considering the rudimentary explosive device found at his storage unit. Multiple individuals reported Salah’s suspicious activity, demonstrating the important part members of congregations can have in preventing attacks. We encourage community members to familiarize themselves with the Hostile Event Attack Cycle (HEAC) to better understand the various steps many attackers go through.

The case also demonstrates access control concerns that many houses of worship have. As organizations consider steps to further enhance their security measures, we recommend they review The Physical Security Performance Goals for Faith-Based Communities, which are a set of physical security practices that houses of worship and related facilities can use to reduce security risks to their congregations.