Security/Emergency Information

Lessons learned: Aventura, FL bomb plot

Posted on May 09, 2016

The FBI arrested James Gonzalo Medina (aka James Muhammad) on April 29, 2016 for attempting to use a weapon of mass destruction against persons or property within the United States. Click here for the “Lessons Learned”.

The allegations

Aventura-Turnberry Jewish Center

Aventura-Turnberry Jewish Center

According to a complaint filed with the US District Court for the Southern District of Florida at a hearing on May 2, 2016, Medina was arrested after he attempted to place what he believed to be an improvised explosive device (IED) at the Aventura Turnberry Jewish Center (a large Conservative synagogue) in Aventura, Florida. The device Medina attempted to place and remotely detonate was never operable due to FBI intervention.

Medina, according to the complaint, had stated his desire to conduct an attack, saying it was to “strike back to the Jews” because “It’s a war man and it’s like it’s time to strike back here in America.”

On March 27, 2016, Medina and two associates allegedly discussed an interest in conducting an attack on a synagogue. One of the associates subsequently relayed Medina’s intentions to die in a shooting at a synagogue in Aventura to the FBI. According to the complaint, on or about April 1, 2016, Medina confirmed his desire to conduct a weapons attack using AK-47 rifles and that, if he were to conduct an attack, he would want to do it at a synagogue. Medina further explained his desire to become a martyr in the attack. When Medina was told that there was a Jewish holiday in a few weeks, Medina responded by saying that it would be a good time to attack. He also allegedly discussed hiding a bomb in the bathroom.

The complaint alleged that Medina created a flyer that contained a photo of the ISIS flag and the words “ISIS in America;” and that he made three videos, saying, “I am a Muslim and I don’t like what is going on in this world…Aventura, watch your back. ISIS is in the house;” “Today is gonna be a day where Muslims attack America. I’m going to set a bomb in Aventura;” and one saying goodbye to his family.

On the day of his arrest, Medina allegedly took possession of what he believed to be an explosive device in a parking lot in Hallandale Beach, FL. He did not know that it was inert and of no danger to the public. He was arrested upon his arrival at the synagogue. Continue Reading

TAU report| Anti-Semitism: “Good” news and bad in 2015

Posted on May 05, 2016
These statistics refer to acts of violence and vandalism perpetrated against Jewish individuals and Jewish private and community property worldwide during 2014. The figures are based on the Kantor Database for the Study of Contemporary Antisemitism and Racism and reports of the Coordination Forum for Countering Antisemitism. It should be stressed that the graphs reflect only major violent incidents (such as arson, weapon attacks, weaponless attacks, serious harassment, and vandalism or desecration).

These statistics refer to acts of violence and vandalism perpetrated against Jewish individuals and Jewish private and community property worldwide during 2014. The figures are based on the Kantor Database for the Study of Contemporary Antisemitism and Racism and reports of the Coordination Forum for Countering Antisemitism. It should be stressed that the graphs reflect only major violent incidents (such as arson, weapon attacks, weaponless attacks, serious harassment, and vandalism or desecration).

Tel Aviv University’s Kantor Center for the Study of Contemporary European Jewry just released its 2015 worldwide analysis of anti-Semitism. Read the entire report here. The executive summary is below.

The feeling with which the year 2015 ended was one of fear and concern, among Jews and non-Jews alike, especially in Europe. Waves of immigrants shook the continent, and terror took a terrible toll in human lives and brought up heavy questions and doubts regarding the ability of democracies to defend themselves and their citizens. The Jewish communities and Jews as individuals feel threatened by the influx of refugees on the one hand, and the increase in the right wing parties’ electoral power as a result, on the other. On the one hand, recent developments brought down the number of violent anti-Semitic cases perpetrated against Jews and Jewish sites, and on the other the nature of the violent cases have become more cruel, and the growing variety of verbal and visual anti-Semitic expressions, mainly on social media, became more brutal and insulting. An attempt to explain these seemingly contradicting tendencies is therefore required.

The number of violent antisemitic incidents worldwide decreased quite dramatically during 2015, especially after the first months of the year, in comparison to 2014: The Kantor Center team monitored 410 violent cases during 2015, compared to 766 in 2014, a decrease of approximately 46%. While this is the lowest number in the recent decade, it should be taken in consideration that 2014 was a very difficult year, especially due to the Protective Edge operation during the summer, and that the number of violent cases in 2015 is more or less equal to that of 2011, and that, compared to 2013, the decrease in 2015 is about 26%.

The decrease is most notable in the modus operandi in all its variations, especially the use of weapons (a decrease of over 60%) and arson (decrease of over 50%), and in weaponless cases, threats and vandalism as well. Regarding targets, the most notable decrease is in cases perpetrated against synagogues (by about 70%!) and individuals by close to 50%), as well as against schools and community centers, and the highest numbers of registered incidents was perpetrated against cemeteries and memorials.

It should be noted that these numbers are the result of the specific monitoring and analysis system developed by the Kantor Center team, which has been working together on these issues for more than twenty years now, and are based on the various reports sent to us by our contact persons in the world at large. The specific criteria (anti-Semitic motivation, and no exaggeration or diminishing of the severity of the situation, counting a multi-event as one case) are the basic reason for the differences that might occur between these numbers and those released by other monitoring communities and institutes.

Read the entire report here.

Posted in Anti-Semitism

FBI says “don’t be a victim”: Ransomware on the rise

Posted on May 01, 2016

Graphic of Tablet Screen with Lock and Key (Stock Image)From the FBI’s Cyber Division: Incidents on the rise, protect yourself and your organization

Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted recently by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them. See a New York Times article here.

The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation.

And, of course, home computers are just as susceptible to ransomware, and the loss of access to personal and often irreplaceable items—including family photos, videos, and other data—can be devastating for individuals as well.

Ransomware has been around for a few years, but during 2015, law enforcement saw an increase in these types of cyber attacks, particularly against organizations because the payoffs are higher. And if the first three months of this year are any indication, the number of ransomware incidents—and the ensuing damage they cause—will grow even more in 2016 if individuals and organizations don’t prepare for these attacks in advance.

While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.

Tips for Dealing with the Ransomware Threat

Prevention Efforts

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).

Business Continuity Efforts

  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

How does it work?

In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

One the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals.

And in newly identified instances of ransomware, some cyber criminals aren’t using e-mails at all. According to FBI Cyber Division Assistant Director James Trainor, “These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.”

The FBI doesn’t support paying a ransom in response to a ransomware attack. Said Trainor, “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

So what does the FBI recommend?

As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

Prevention efforts—both in both in terms of awareness training for employees and robust technical prevention controls; and
The creation of a solid business continuity plan in the event of a ransomware attack. (See sidebar for more information.)
“There’s no one method or tool that will completely protect you or your organization from a ransomware attack,” said Trainor. “But contingency and remediation planning is crucial to business recovery and continuity—and these plans should be tested regularly.” In the meantime, according to Trainor, the FBI will continue working with its local, federal, international, and private sector partners to combat ransomware and other cyber threats.

If you think you or your organization have been the victim of ransomware, contact your local FBI field office and report the incident to the Bureau’s Internet Crime Complaint Center.


Emergency Planning for schools | Tuesday, May 3

Posted on April 15, 2016


Emergency Planning for Private Schools Workshop

Tuesday, May 3, 2016
9:00 AM – 5:00 PM
(Registration begins at 8:30AM)
Manhattan Municipal Building
North Mezzanine
1 Centre St, New York, NY 10007

This workshop is intended to provide guidance on emergency planning for private schools. Participants will receive training in the basic fundamentals of emergency planning and how to develop their school’s Emergency Operations Plans (EOPs). They will hear from subject matter experts from the NYPD, FDNY, New York State Police and the US Department of Education on available tools to support school emergency planning efforts.

The first half of the workshop will be a presentation from the US Department of Education Readiness and Emergency Management for Schools Technical Assistance Team (REMS). This portion of the program will provide an overview of the recommended six step planning process to create a high-quality school emergency operations plan.

The second half of the day will feature presentations by:

  • NYPD: They will discuss the Shield Program and other NYPD services available to schools.
  • New York State Police: They will demonstrate their school emergency operations planning template.
  • FDNY: They will cover fire safety and school evacuation plans.

Intended Audience:
Private school administrators and security personnel interested in creating, revising, or enhancing school emergency operations plans.

Registration for this event closes on Tuesday, April 26, 2016 at 5:00 pm Eastern Standard Time.

Cancellations must be received no later than three business days in advance.

NYCEM Academy provides reasonable accommodations. If you are in need of a disability accommodation, please send your request to

Brussels attack analysis | get smart fast

Posted on March 27, 2016

Last week’s attack and sorting through the information overload is daunting. We regularly turn to a few knowledgeable sources to help to guide us when we’re perplexed. Here are a few examples:

  1. Foreign Fighters in Syria/Iraq (2012 to 2014) – per million population

    Founded in 1996, the International Institute for Counter-Terrorism (ICT) is one of the leading academic institutes for counter-terrorism in the world, facilitating international cooperation in the global struggle against terrorism. It is based at the Interdisciplinary Center (IDC), Herzliya and includes some of the top experts in terrorism, counter-terrorism, homeland security, threat vulnerability, risk assessment, intelligence analysis, national security and defense policy. See their The Brussels Attacks – What do we know? & Insights from ICT Experts.

  2. The National Consortium for the Study of Terrorism and Responses to Terrorism—better known as START—is a Department of Homeland Security Center of Excellence headquartered at the University of Maryland comprised of an international network of scholars committed to the scientific study of the causes and human consequences of terrorism in the United States and around the world. See their Terrorism in Belgium and Western Europe; Attacks against Transportation Targets; Coordinated Terrorist Attacks.
  3. The U.S. State Department issued a Travel Alert for Europe cautioning that terrorist groups continue to plan near-term attacks throughout Europe, targeting sporting events, tourist sites, restaurants, and transportation. The State Department also maintains a Worldwide Caution which highlights that all European countries remain vulnerable to attacks from transnational terrorist organizations.
  4. Stratfor is a geopolitical intelligence firm that provides strategic analysis and forecasting to individuals and organizations around the world. One of their recent analyses observes, “The Brussels blasts are a striking reminder of the difficulty of preventing attacks against soft targets. Unlike hard targets, which tend to require attackers to use large teams of operatives with elaborate attack plans or large explosive devices to breach defenses, soft targets offer militant planners an advantage in that they can frequently be attacked by a single operative or small team using a simple attack plan. In addition, attacks against transportation-related targets such as metro stations and airports allow attackers to kill large groups of people and attract significant media attention.” Alongside transportation hubs, hotels and restaurants, institutions — such as houses of worship and schools — are classic soft targets. See Brussels Blasts: The Struggle to Secure Soft Targets.
  5. Scott Atran is an anthropologist at France’s National Center for Scientific Research, Oxford University, John Jay College and the University of Michigan and author of Talking to the Enemy and In Gods We Trust. His research specialty is terrorists: how they are recruited, how they think, why are they so effective. He and his team are quite busy these days: he’s embedded with the Peshmerga outside of Mosul interviewing captured (and soon to be executed) ISIL fighters; his team is running experiments in neighborhoods like Molenbeek and around the Bataclan, and tracing out the networks of the friends, family and disciples of the Paris and Brussels terrorists. His, often raw, Facebook posts from the battlefield carry a surrealistic quality. He recently addressed the UN Security Council on The Role of Youth in Countering Violent Extremism and Promoting PeaceWe do not necessarily agree with every one of his conclusions, but he is consistently thoughtful and incisive.