This DAP highlights – Neo-Nazis in Ohio and faith-based organizations targeted by multiple ransomware gangs. DAP also has More Faith-Based Stories and Select All-Hazard Stories. These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.
With So Much Going On…Don’t Forget About Physical Security
With the ongoing Pandemic, the election, and severe weather events, it is easy to overlook the upcoming holiday season which is rapidly approaching. In years past, crowds would gather at Faith-Based Organizations’ (FBO) locations and in public spaces for celebrations of the season. These seasonal festivities bring good feelings but also potential threats from attackers who see the larger crowds and soft targets as an opportunity to promote their ideology via mass causality attacks. Whether it is through a vehicle as a weapon / vehicle ramming attack such as in Berlin in 2016, or a knife attack as occurred last year in France, attackers continue to target holiday events and celebrations. However, without a doubt this season will be different than in years past. Already major retailers have shifted sales and shopping online with many not even opening on Thanksgiving Day (going old-school). In addition, government health guidelines will undoubtedly have an impact on the ability for groups to hold celebrations, festivals and markets based on the number of people who can gather together. This does not mean that there won’t be events though. It will just be different. As such, seasonal threats, coupled together with the number of outdoor seasonal events can increase the risk to FBOs. However, by reviewing and assessing their current security situation, and using resources available in products such as the DHS’s Security of Soft Targets and Crowded Places Resource Guide, leaders and organizations can enhance security and make risk-informed decisions related to potential threats.
The evolving threat landscape presents significant security challenges for businesses, especially as organizations attempt to balance the spirit of the season, and practicing / celebrating their faith-based traditions with public safety. COVID-19 has meant that the types of threats that have existed in years past, to include active shooters, or inspired / influenced attacks, have declined. However, violence in other areas has increased (gun violence is up), and there have still been examples of hostile events around the world including recent inspired attacks in France. In addition, continuing through a politically charged election season, and the continued social justice movements, FBOs are likely to experience a dynamic security situation, as well as the enduring threat from low-tech, public venue attacks, and threats from criminals looking to find ways to access customers wallets through scams and thefts.
Recent Notable Threats or Attacks During Holiday Seasons Past
- In 2018, five people when a man attacked civilians at the Strasbourg, France Christmas Market.
- In 2017, the Islamic State provided supporters with a hit list of US churches for supporters to attack.
- In 2017, a truck driver was arrested for planning an attack on Fisherman’s Wharf in San Francisco on Christmas Day.
- The Berlin Christmas Market attack resulted in 12 deaths.
- In 2016, three men were arrested in Australia for planning an attack during the Christmas period in a public space.
- In 2010, the FBI thwarted a terrorist attack at a tree lighting ceremony in Portland, Oregon.
It remains highly likely that FBOs and Houses of Worship (HOW) will continue to look for ways to conduct or host holiday events, concerts, or celebrations in order to attract visitors. And just as likely, attackers are able to use these same events to spread fear and inflict suffering. And while the threats may vary, FBOs face the constant challenge of protecting outdoor venues and public places. Attacks in public spaces, whether they be concert venues, stadiums, lodging, retail spaces, or HOW, pose significant security challenges particularly given holiday festivities and events in public areas around FBOs.
- Vehicle as a weapon (VaaW) / vehicle ramming attacks against facilities have not been as prevalent in 2020, though VaaW attacks did occur in and around protest activities. Despite this, they remain a viable threat especially at outdoor venues or locations. And some locations cannot discount a driver who chooses to come through the front door.
- Outdoor venues, Christmas Markets, holiday parties, outdoor religious concerts or celebrations are all on full display during this season. These events are planned well in advance of the actual event with advertisements provided in all sorts of marketing and social media platforms. This presents a double-edged sword for security teams. While many FBOs strive to attract as many people as possible, these events and activities all represent viable targets to attackers, and give attackers a time and location to plan their attack. They can initiate their attack cycle planning and begin preparations with a definitive timeline in place and begin their target surveillance (HEAC). The general public attending these events are not thinking about threats, they are thinking about having a good time and spreading holiday cheer and their guard is down. All of these contribute to a situation attackers will attempt to take advantage of during the attack.
- Outdoor Displays. FBOs could face increased risk for vandalism should they choose to display outdoor religious scenes, such as the nativity or menorah.
- Christmas Tree Farms or stands, especially those that are held at religious locations, such as houses of worship or community centers. These are especially vulnerable to VaaW attacks as some of these locations are near major road intersections.
Threat actors are resilient and even though COVID-19 had as much impact on them as with everyone else, they will continue to adapt. These recommendations should not be any surprise at this point – the central actions of reviewing and assessing threat activity, planning, training, conducting exercises and rehearsals, and conducting after action reviews/reports to assess effects have been discussed in previous reports, but remain key to ensuring proper security processes and procedures are in place to match the threat. The below are areas of consideration for all organizations.
- Review and Assess Threat Activity. Regardless of the attack, and regardless of the circumstances, organizations are encouraged to review each instance and assess whether a similar type of attack could impact their business/organization. Threat intelligence and information gathering are important steps in this assessment which makes coordination with local law enforcement, fusion centers, tenants, neighbors and other proximate facilities and organizations, and FB-ISAO and member organizations an important part of understanding the potential threat or risk in your specific area.
- Plan. If a type of attack is determined to impact an organization, assess how? And then what steps will be taken to mitigate that threat. This requires regular meetings to review security plans and to conduct security vulnerability assessments of their organization.
- Train. Training for all employees, full-time, part-time, seasonal, etc., should be provided to address security planning and procedures. Equally important is that employee training should not differ between types of employees. A seasonal employee needs to know the same type of security training as a full-time employee. COVID is also a consideration here. FBOs are encouraged to train for the potential that a key leader or member of the security team may fall ill and cannot attend events. This will require secondary and potentially tertiary trained personnel to know what to do in the event of an emergency or incident.
- Exercise. Training is reinforced with practical exercises. These are events based on real events that help test all personnel on responding to specific events or threats. Security rehearsals are also an important technique. Think Fire Drill but for security breach, hostile customer, active shooter, in-store fight over a limited item, or VaaW.
- Conduct After Action Review. A key to learning is self-assessment. What went right, what went wrong, and what can be done better and what is the organization going to do to be better.