May 5779 be a year of peace and security; what you can do to help
Rosh Chodesh Elul includes clarion calls indicating that the High Holidays are coming soon. So, now is a good time to check out a recent presentation on synagogue security or to take a deeper dive into the library of documents available on the JCRC-NY Security Resources pages. Here are some relevant selections:
High Holiday Security and Emergency Preparedness Planning Library
- High Holidays: Are you ready to get out if you have to?
- JCRC-NY High Holiday Security Thinkplate
- Access control considerations during High Holiday services (PDF)
- Houses of Worship and the High Holidays
- Planning for the Unexpected – High Holiday Edition 2010 (PDF)
Topical guidance
- Are you prepared? 5 steps to make your facility safer and more secure
- Sample Building Access Policies & Procedures (PDF)
- Bomb Threat Guidance resources. See also: Hoax threats can be scary, too; To evacuate or not to evacuate? That is the question.; DHS’ Introduction to Bomb Threat Management; Manhattan bomb threat: lessons learned; Bomb threat training video.
- Active Shooter Resources Page (DHS, FBI and NYPD)
- Cybersecurity Resources Page
- US Postal Inspection Service Guide to Mail Center Security (PDF)
Vulnerability, Risk and Safety Assessments and Planning
- FEMA: Reference Manual to Mitigate Potential Terrorist Attacks Against Buildings
- FEMA, Emergency Operations Planning
- DHS:
- Potential Indicators, Common Vulnerabilities, and Protective Measures: Religious Facilities (Updated)
- Hometown Security Report Series: Houses of Worship
- K-12 School Security: A Guide for Preventing and Protecting against Gun Violence (2nd ed., 2018) provides preventive and protective measures to address the threat of gun violence in schools. The Guide is delivered in two parts: the first portion is a PDF with general security best practices and considerations in narrative format; while the second portion is a Microsoft Excel-based security survey. Together, these documents outline action-oriented security practices and options for consideration based on the results of the individual school’s responses to the survey. While the primary audience for the Guide is the K-12 community, institutions of higher education or pre-K schools may also benefit from the information presented.
- NYPD: Engineering Security: Protective Design for High Risk Buildings
- OSHA: Evacuation Plans and Procedures eTool. This expert system will help you to create a basic Emergency Action Plan. This basic plan likely will be adequate for needs of many small and medium-sized entities. Most small and medium-sized entities can create basic plans using this system in 10 to 15 minutes. Larger, more complex organizations will require more work.
- Practical Information on Crisis Planning: A Guide for Schools and Communities. U.S. Department of Education, Office of Drug Free and Safe Schools. Taking action now can save lives, prevent injury, and minimize property damage in the moments of a crisis. The importance of reviewing and revising school and district plans cannot be underscored enough, and Practical Information on Crisis Planning: A Guide for Schools and Communities is designed to help you navigate this process. The Guide is intended to give schools, districts, and communities the critical concepts and components of good crisis planning, stimulate thinking about the crisis preparedness process, and provide examples of promising practices.
- Emergency Preparedness Planning Guide for Childcare Centers. From the Illinois Emergency Medical Services for Children (a collaborative program between the Illinois Department of Public Health and Loyola University Chicago). Lots of ideas to keep toddlers safe.
- Readiness and Emergency Management for Schools (REMS) Technical Assistance Center, U.S. Department of Education
- REMS: Conducting a Safety Audit
- California STAS: Protective Measures for Enhanced Facilities Security
- New Jersey Office of Homeland Security and Preparedness Critical Infrastructure Protection Bureau: Facility Self-Assessment Tool (updated) and other tools here.
Cybersecurity: WordPress Vulnerabilities
FBI (April 7) ISIL Defacements Exploiting WordPress Vulnerabilities. Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS). The defacements have affected Web site operations and the communication platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Web sites. Although the defacements demonstrate low-level hacking sophistication, they are disruptive and often costly in terms of lost business revenue and expenditures on technical services to repair infected computer systems. Click here for the full alert.
Best practice. The FBI recommends the following actions be taken:
- Review and follow WordPress guidelines: http://codex.wordpress.org/Hardening_WordPress
- Identify WordPress vulnerabilities using free available tools such as http://www.securityfocus.com/bid, http://cve.mitre.org/index.html, https://www.us-cert.gov/
- Update WordPress by patching vulnerable plugins: https://wordpress.org/plugins/tags/patch
- Run all software as a non-privileged user, without administrative privileges, to diminish the effects of a successful attack
- Confirm that the operating system and all applications are running the most updated versions.

- Haaretz (April 7) Anti-Israel cyberattack a far cry from promised ‘electronic holocaust’. Hacktivists belonging to Anonymous collective release what appears to be Israelis’ private information and hijack websites.
- JTA (April 7) Hackers bring down private Israeli websites, fail to damage gov’t sites
- Jerusalem Post (April 7) Cyber terrorism triggers severe psychological, physical stress, Haifa researchers shows. “Vast majority of public are complacent and, until they are exposed to a personal cyber attack, they see cyber terrorism as nothing more than an inconvenience,” expert says.
The FBI is warning U.S. companies that cyber terrorists from the Middle East and North Africa are planning to conduct cyber-attacks against Israeli and Jewish interests next week. The Bureau stated in a security notice to U.S. industry on Sunday that, as of early March, “several extremist hacking groups indicated they would participate in a forthcoming operation, #OpIsrael, which will target Israeli and Jewish Web sites.”
“Given the perceived connections between the government of Israel and Israeli financial institutions, and those of the United States, #OpIsrael participants may also shift their operations to target vulnerable U.S.-based financial targets or Jewish-oriented organizations within the United States,” the FBI warning said.
The FBI predicts that the threat to U.S.-based infrastructure from the coming cyber attack is low for well-maintained and updated networks. So, make sure that your techies and hosts maintain and update your systems.
The FBI said members of at least two extremist hacking groups it did not identify are currently working to recruit hackers for the attacks next week. The hacker group Anonymous this week also threatened an “electronic Holocaust” in a video statement.
The FBI estimated that the threat to U.S.-based infrastructure from the coming cyber attack is low for well-maintained and updated networks. However, as part of its program to notify private industry of major cyber threats, the FBI is notifying several possible targets.
Lots of phishing going on: Stop, think, click
OK, you’ve heard it over and over…don’t click on unknown links. Well, people, even smart people, don’t listen. You get an email from someone that you know, click on what is said to be a “secure” link and your adventure begins.

Here’s the bait. It looks official. People click and type in their password, giving their email account and contacts to hackers.
Now the phisher has you lured in. You’re asked to sign in. A nasty bot takes control of your computer, steals your contact list and sends everyone on your list an invitation to become infected.
Recommendations:
- Look at the illustration at the top of this email. Be aware.
- Do not follow unsolicited web links in email messages or submit any email account or password information to unknown webpages in links.
- Use caution when opening email attachments. Refer to Using Caution with Email Attachments for more information on safely handling email attachments.
- Maintain up-to-date anti-virus software.
- Perform regular backups of all systems to limit the impact of data and/or system loss.
- Apply changes to your Intrusion Detection/Prevention Systems and Firewalls to detect any known malicious activity.
- Secure open-share drives by only allowing connections from authorized users.
- Keep your operating system and software up-to-date with the latest patches.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
US-CERT and DHS encourage users and administrators experiencing a ransomware infection NOT to respond to extortion attempts by attempting payment and instead to report the incident to the FBI at the Internet Crime Complaint Center (IC3).
Here are some free resources to see if your computer is infected (from STOP. THINK. CONNECT.™, the global cybersecurity awareness campaign to help all digital citizens stay safer and more secure online; see http://www.stopthinkconnect.org/):
- AOL Computer Checkup
- Audit My PC
- Bitdefender
- Kaspersky Virus Scanner
- McAfee Security Scan
- Microsoft Safety Scanner
- nCircle Pure Cloud Vulnerability Scanner
- Neustar SiteProtect
- Norton Security Scan
- Panda Security Antivirus Scan
- Qualys Browser Check
- QualysGuard Malware Protection
- Secunia Personal Software Inspector (PSI)
- Sophos Free Security Tools
- Symantec Security Scan
- Trend Micro HouseCall Virus Scan
- Webroot Secure Anywhere Antivirus
For more tips about cybersecurity, check out the following non-technical publications:
- General Cyber Tips
- Stop.Think.Connect. Toolkit
- Mobile Safety Tips
- FCC’s Smartphone Security Checker
- Tips for Undergraduates entering the workforce
- Information on Cyber Careers
- Cybersecurity 101
- Law Enforcement Resources
- Information on Critical Infrastructure
Syria: potential repercussions
The escalating drumbeat for military action naturally leads to questions about possible terrorism here in New York. Note: as of today there are no specific, credible threats against New York or the Jewish community. Nevertheless, all Jewish organizations should review their security and emergency preparedness plans to ensure that they are up-to-date and that they can be readily implemented. Some specifics:
High Holidays
If you are an organization hosting High Holiday services and/or programs you should:
- Notify your local police about all planned services and programs. Discuss the number of people expected at each service and ask them for any suggestions that could improve your security and emergency preparedness plans.
- Review your security and emergency preparedness measures, especially access control, evacuation and lockdowns. Meet with your staff and volunteers and make sure that everyone is on the same page and knows what to do. Check the “High Holidays” category for more suggestions.
Potential for Cyberattacks
Last week the Syrian Electronic Army compromised the New York Times website and others. Western financial institutions are also targeted by others. We all should review our own cybersecurity because, in the past, anti-Israel hackers have attacked Jewish-related sites. See JCRC’s Cybersecurity Resources.
This week the FBI distributed the following:
- The Syrian Electronic Army (SEA), a pro-regime hacker group that emerged during Syrian antigovernment protests in 2011, has been compromising high-profile media outlets in an effort to spread proregime propaganda. The SEA’s primary capabilities include spearphishing, Web defacements, and hijacking social media accounts to spread propaganda. Over the past several months, the SEA has been highly effective in compromising multiple high-profile media outlets.
- The SEA has recently compromised high profile media Web sites through a new tactic of hacking third party networks – including a Domain Name System (DNS) registrar and a content recommendation website.
- In April 2013, the SEA compromised the Twitter feed of the Associated Press, posting a false story that President Obama was injured, causing a brief drop in the stock market.
- In addition to Syrian hackers, groups or individuals sympathetic to the SEA may also be observed participating in CNO efforts against US Web sites and networks.
- Please maintain heightened awareness of your network traffic and take appropriate steps to maintain your network security. If you detect anomalous or malicious traffic or network behavior, please contact your local FBI Cyber Task Force or the FBI CyWatch (855) 292-3937 immediately.
Defending Against Hacktivism
In general, hacktivism cyber attacks may result in denial of service, Web site defacements, and the compromise of sensitive information which may lead to harassment and identity theft. Although the specific OpUSA claims referenced above speak specifically to DDoS attacks, precautionary measures to mitigate a range of potential hacktivism threats include:
- Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
- Have a DDoS mitigation strategy ready ahead of time and keep logs of any potential attacks.
- Scrutinize links contained in e-mail attachments.
- Regularly mirror and maintain an image of critical system files.
- Encrypt and secure sensitive information.
- Use strong passwords, implement a schedule for changing passwords frequently and do not reuse passwords for multiple accounts.
- Enable network monitoring and logging where feasible.
- Be aware of social engineering tactics aimed at obtaining sensitive information.
- Securely eliminate sensitive files and data from hard drives when no longer needed or required.
- Establish a relationship with local law enforcement and participate in IT information sharing groups for early warnings of threats.
Sci-Tech Today | Pro-Palestinian Group Hacks Jewish Paper’s Site, by Adam Dickter
Pro-Palestinian hackers managed to deface the web site of The Jewish Chronicle in London, but didn’t make it into the newspaper’s file system. The cyberattack apparently protested Israel’s blockade of the Gaza Strip. The Chronicle said the attackers defaced a virtual file system that was cleared by rebooting. The attackers may be based in Turkey.