SUMMARY OF TERRORISM THREAT TO THE U.S. HOMELAND
This Bulletin will expire on or before January 18, 2020 at 1:00 PM EST

• The United States designated Iran a “State Sponsor of Terrorism” in 1984 and since then, Iran has actively engaged in or directed an array of violent and deadly acts against the United States and its citizens globally. The United States designated Iran’s Islamic Revolutionary Guard Corps (IRGC) a Foreign Terrorist Organization on April 15, 2019 for its direct involvement in terrorist plotting.
• On January 2, 2020, the United States carried out a lethal strike in Iraq killing Iranian IRGC-Quds Force commander Qassem Soleimani while Soleimani was in Iraq.
• Iranian leadership and several affiliated violent extremist organizations publicly stated they intend to retaliate against the United States.
• At this time we have no information indicating a specific, credible threat to the Homeland. Iran and its partners, such as Hizballah, have demonstrated the intent and capability to conduct operations in the United States.
• Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets.
• Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.
• Iran likely views terrorist activities as an option to deter or retaliate against its perceived adversaries. In many instances, Iran has targeted United States interests through its partners such as Hizballah.
• Homegrown Violent Extremists could capitalize on the heightened tensions to launch individual attacks.
• An attack in the homeland may come with little or no warning.
• The Department of Homeland Security is working closely with our federal, state, local, and private sector partners to detect and defend against threats to the Homeland, and will enhance security measures as necessary.

See the full  document here. 

While the analysts are still contemplating the implications of the killing of Iran’s Revolutionary Guards Quds Force commander Qasem Soleimani (see a profile here), the consensus is that Iran will try to exact revenge somewhere around the world. Targets associated with Jewish community have been in Iran’s crosshairs since the AMIA bombing in Argentina in 1994. In 2012, the incoming Executive Director of JCRC-NY and UJA-Federation’s Community Security Initiative focused on the threat to Jewish targets in the Wall Street Journal. Experts surmise that Iran and Hezbollah conducted surveillance on Israeli, Jewish, or pro-Western institutions, tourists, or high-profile individuals; or Israeli or Western government facilities and personnel. There were recent arrests of Iran-connected suspects here in New York and in Chicago last year.

While there are no known specific threats against New York or the Jewish community, we recommend that Jewish organizations should exercise heightened vigilance.

• Access control. If an attacker can walk into a building unchallenged bad things will happen. No unauthorized person should be able to enter your building at any time. Many organizations, including synagogues, keep their doors locked until the visitor is identified and cleared. The first step is to develop a feasible access control policy (see our Sample Building Access Policies & Procedures) and to keep any door that cannot be monitored and controlled locked.
• Vehicle restraint systems. AKA bollards. Bollards are effective, but expensive and difficult to install. What’s worse, many synagogues and schools have “No Parking” zones directly outside their doors, leaving them vulnerable to ramming or vehicular-borne explosive devices. Our suggestion is for NYC organizations to contact their local Neighborhood Coordination Officers (NCO) and ask for permission to park their own cars or school buses in the “No Parking” zones. Institutions with parking lots should consider parking “friendly” cars adjacent to your building. Find your NCO’s contact info here.
• Assess your cybersecurity. We have received numerous reports about ransomware attacks on Jewish organizations. Iran has significant cyberwarfare capabilities. This is a good time to review your hardware, software and human factor cybersecurity protections. Check out this great primer from NJ CCIC (NJ’s cybersecurity agency) for best practices.
• Report. Anyone who observes any suspicious behavior is encouraged to contact law enforcement immediately at 888-NYC-SAFE. If you see something, say something.
• Connect. The first step in the process is to “Connect”. You should have an ongoing relationship with your local police precinct. They should know when your services and programs are scheduled. If you don’t know your local police officials, the JCRC can help. Click here to contact us.
• Overview. Look at the recent DHS publication, Mass Gatherings: Security Awareness for Soft Targets and Crowded Places, can be a great template for your security planning process. Virtually every suggestion in the document can be applied to your planning process. Organizations should “Connect, Plan, Train, and Report”. Applying these four steps in advance of a possible incident or attack can help better prepare  us to proactively think about the role that our whole community plays in the safety and security of our organizations.
• Plan. Download Potential Indicators, Common Vulnerabilities, and Protective Measures: Religious Facilities and Hometown Security Report Series: Houses of Worship for  suggestions and ideas.
• Active Shooter response. Many of our contacts attended active shooter trainings offered in the New York area last week. If you could not attend either session or another training, click here for the JCRC-NY dedicated Active Shooter Resources webpage that includes resources from many sources. If you want to arrange a training the JCRC can help, based on available resources. Click here to contact us.
• Security personnel. Guards at synagogues vary in quality, but generally, almost anything is better than nothing. Volunteers are good, trained volunteers are better. Uniformed guards (e.g., identifiable shirts, vests, blazers) can be deterrents. Guards who are off-duty or retired police or corrections officers bring experience, training and judgement. To be effective, any guard has to have clear instructions and procedures (see below). NYPD does have a Paid Detail Unit which provides officers to perform off-duty, uniformed security work within New York City for approximately $45/hour.  Click here for more information and contact details. For a discussion of armed vs. unarmed guards see our post Armed or unarmed security, what’s best? and a guest post here.
• Private security. Some police departments allow private parties to hire off-duty officers in uniform for events (in NYC, contact the Paid Detail Unit). Others use other off-duty officers (hired privately or through a security firm), retired officers or hire private security guards.
• Revisit and review your security plans and procedures.
  • Active shooters. Have a plan and train your staff and key volunteers on its implementation. See JCRC’s dedicated active shooter webpage here.
  • Bomb threats. Review your bomb threat procedures and make sure that your staffers (especially those who answer the phones) know what is expected of them. For a range of resources from top agencies, including the FBI and the DHS guidance click here.
  • Suspicious packages. Is your staff aware that they should be on the lookout for suspicious packages? For USPS guidance click here.

We will be forwarding the NYPD SHIELD analysis as soon as it becomes available. Questions? Click here to send questions, comments and suggestions.