As the threats seem to multiply, people are growing frustrated that the threats continue. Watch NYPD’s John Miller’s update on the investigation on CBS This Morning (March 9, 2017).
So when is the NSGP grant be coming out?
Short answer, we don’t know. The U.S. Department of Homeland Security cannot formally announce any grant program before there is a federal budget and Congress gave itself up to April 28, 2017 to come to an agreement. Both the House and the Senate included the program in their appropriations, but they must still work out the funding level of the program (We want it raised to $25 million.). It could be that the grant deadline is only days, rather than weeks, after the grant announcement, so get started now!
We don’t expect many changes in the application process this year. Our best advice, complete all of the preliminary steps below and a draft of your application (known as the “Investment Justification” or “IJ”) as soon as possible. If there are any changes, you will be able to concentrate on the changes.
One final piece of advice. If you think that your organization is at high risk because of ideology-based/spiritual/religious reasons, think about how you would document them, especially if you follow mission implementing policies or practices that may elevate your risk. If you are a religious corporation, the answer is clear. If not, there may be an opportunity to document the risk.
NSGP 2017
|
|
| Prequalification | NY nonprofits should register at https://grantsgateway.ny.gov/ & complete their Document Vault . See JCRC-NY’s additional information at: https://jcrcny2022.wpengine.com/document-vault-faqs/ .If your nonprofit was previously prequalified, you will still have to update certain documents or your document vault is expired. Check our your document vault for more information. |
| E-Grant registration | If you have an existing account (and remember the username/password), you’re fine; to register for the DHSES E-Grant system, email: grants@dhses.ny.gov |
| Risk assessment | Find guidance and contacts at: https://jcrcny2022.wpengine.com/security-assessment/ and JCRC-NY’s guide to security consultants here.There are some self-assessment tools available. Check out:
|
| Investment Justification | The 2017 forms are not ready. Download the 2016 Investment Justification here to see what the applications looks like. Just make sure that the |
| For the most up-to-date info | https://jcrcny2022.wpengine.com/securitygrants |
| Questions? | Click here to send questions about the grant program. |
To evacuate or not to evacuate? That is the question.
With over 150 hoax bomb threats reported, you should have already have a plan. However, the ongoing threats should serve as a reminder to review our ongoing guidance, make use of the resources and implement the recommendations, as appropriate.
Should we be worried? At this time the experts conclude that the series of
incidents referencing threats against schools, Jewish facilities and businesses likely do not represent a credible terrorist threat for two reasons:
- terrorists’ rarely provide operational insight into their planning, and
- the fact that nearly all hoaxes in the United States are conducted by criminal actors or those instigating a nuisance prank.
What are my options? Many security experts question the wisdom of the policy of evacuation. After all, a terrorist could trigger an evacuation of a facility with a simple phone call and then attack the evacuees in multiple ways. On the other hand, someone could place 100 hoax bomb threat calls, but actually plant a bomb on the 101st. (In rebuttal, why make a warning phone call when simply planting the bomb works).
The bottom line is that there is no perfect solution, so all institutions should think about their options and consult with local law enforcement in the absence of the pressure of an actual emergency.
Think about options
Your response should be tailored to the nature of the threat. Don’t expect people to gather information, to analyze the situation and to identify the best option in the wake of a threat. Understand the risk (use the chart to the left) and define actions that can be taken under various circumstances.
Some other ideas:
- Set up a meeting with your local police to review and discuss your options.
- There is no perfect solution. This is an issue that should be raised at a security committee or board meeting. Remember, your reputation is at stake and your decision may create liability issues.
- Identify possible options leading to a sheltered evacuation, i.e., one that minimizes the dangers of an attack on evacuees:
- Is your parking lot a relatively safe area? Could you evacuate there and stand an appropriate distance from your facility? Is there a sheltered path to an adjoining building? Can the local police establish a perimeter to protect the evacuees?
- Develop appropriate protective measures based on your facility’s characteristics. For example, some facility managers have identified areas (e.g., a pool or gym) that are not cluttered and therefore, easy to check for bombs. If the architecture of the building is engineered so that the building would not likely collapse on those inside, one option is to evacuate people to these safe (or more accurately, safer) places (HT to Steve Levy of ISA).
- Communicate, early and often. If you decide not to evacuate, some stakeholders will question your judgement and try to second-guess you. A well-planned sheltered evacuation option is easy to explain and to show that your highest priority is the safety of your stakeholders. Whatever you choose, have pre-written messages ready to go should you become a target.
No one can give you a perfect answer. Identify your options, consult with the best people possible and keep your people safe.
Hoax threats can be scary, too.
Should we be worried? At this time the experts conclude that the series of incidents referencing threats against schools, Jewish facilities and businesses likely do not represent a credible terrorist threat for two reasons:
- terrorists’ rarely provide operational insight into their planning, and
- the fact that nearly all hoaxes in the United States are conducted by criminal actors or those instigating a nuisance prank.
Due to the common occurrence of bomb threats across the country over the last few years, the experts judge malicious terrorism hoaxes such as bogus emails and phoned-in threats, including robo-calls, will almost certainly continue, diverting resources as they create disturbances and send false alarms. However, don’t become blasé. Someone might take advantage of the hoaxes to accomplish a real attack.
What should we be doing? Consider these incidents to be a teaching moment. How would your organization handle such threats.
- Know what you should do. Have a bomb threat plan before an incident happens. For starters, check out DHS’ Bomb Threat Guidance and Introduction to Bomb Threat Management. Add JCRC-NY’s post, Manhattan bomb threat: lessons learned to your reading list. Now is a good time to review, or to think through your own plans. Our own Emergency Planning: Disaster and Crisis Response Systems for Jewish Organizations has a longer chapter discussing the issue.
- Train your phone answerers. Everyone answering the phone (including those who might answer) should be taught how to handle a phone threat with this checklist. Have copies of the bomb threat checklist posted nearby.
- You have to communicate.
- First things first. Call 911. Bring in the cavalry…ASAP. Whether you think the incident is real or a hoax, contact the experts and defer to them. Have a system (with primary and backup callers) that ensures that someone calls 911 immediately. Remember, don’t use a cell phone or walkie-talkie in the area of a suspicious package … you might set it off. Get to your landline.
- Get the word out. Even if your people know what to do (i.e., you’ve conducted bomb scare drills) you have to let them know that they have to do it. Does your building have a public address system? Do you have cell phone numbers for all of your staff so that you can text them with updates? Can you modify your fire alarm system so that it sounds a distinctive signal for a bomb scare?
- Let your constituencies know what’s happening. Bomb scares create angst and the possibility of physical danger, but there is the potential for risk to your reputation. No one wants a parent to learn about an incident from the media. Have pre-written messages ready for distribution directly to your constituencies (e.g., by text) stressing the steps you’ve taken and that everyone is safe. Have a point of assembly where worried parents can go for additional information from your best staffers. Work with the police to direct people to the appropriate areas. Do not post specifics on social media. Click here for resources on crisis communication.
- Decisions, decisions. Have someone in charge (and a backup). OK, you receive a threat, now what? Certainly, dial 911, but should you evacuate or not (might someone use a bomb threat in order to trigger an evacuation setting up an active shooter or vehicle ramming?)? In reality there is no perfect answer to this question. Someone has to give the order and there will be no time to waste.
- Know where to go. If you decide to evacuate out of an abundance of caution you probably don’t want to stand in the street, especially if the weather is bad. Do you have an agreement with a neighboring institution that allows you to bring people into their facility. By doing so you can keep your people warm and dry and out of harms way.
- Keep unused parts of your building locked. It’s good practice to have your staff check your facilities daily, looking for something that “Just Doesn’t Look Right”. As they move through the rooms they should lock the doors. Closets and other storage areas should be kept locked. If you develop such procedures and do receive a bomb threat, the bomb sweep of your building can be accomplished faster.
- Consult your leadership about security plans. There will always be Monday morning quarterbacks, but a review of your plans at the Board level should empower those making difficult decisions under duress. As they say, “once is not enough.” Revisit security planning and procedures on a regular basis.
How can we know if the threat is real? The intelligence firm, Stratfor, recently published an article: How to distinguish a bomb threat from a bomb warning. The experts suggest some other possible indicators of a hoax:
- Most genuine bombers wouldn’t specify the exact timing and target of an attack (since providing that information would jeopardize the success of an event);
- Most genuine bombers wouldn’t use threats with complex scenarios involving chemical weapons or other advanced capabilities, or cite geographically dispersed targets; and
- Most genuine bombers wouldn’t use threats involving large numbers of operatives.
Remember, there are no guarantees in security. You will have to weigh the options and make the best decisions possible. If you’ve thought about the options and have made decisions ahead of time, the odds of making the right decision increase dramatically.
Awareness 101: When it “Just doesn’t look right”
Experts note that terrorist attacks don’t appear out of thin air. In virtually every situation (and that includes active shooter events) an attacker practices “pre-operational surveillance.” More mundanely, they “case the joint” or just show up to observe, orient themselves to the situation and to decide how they will act during their attack. When suspect behavior is reported (1-888-NYC-SAFE) it can be investigated and an attack can be interrupted.
Determining that it “Just doesn’t look right”
The NYPD Intelligence Bureau just released some excellent guidance. Its primary focus is to help detect suspicious signs along special event routes (e.g., parades) or areas designated for large-scale public gatherings (e.g., demonstrations, celebrations, street fairs, etc.), but can apply to houses of worship, schools, community centers and other gathering points. The following examples of activity, though not fully inclusive, may be of possible concern to law enforcement (Click here for a PDF of the NYPD Indicators of Terrorist Activity guidance):
- The appearance of a suspicious vehicle (including bicycles with a storage basket; motorcycles; utility storage boxes, etc.) parked near the area designated for the event to take place. Items left for a protracted period of time and disregarded.
- Actions by an individual that suggest the pre-event videotaping or still photography of the route or location (and surrounding area) for no apparent reason (i.e., no aesthetic value). Sketching of the area e.g., cross streets, access streets into and out of the area.
- Any request to videotape from a roof or a vacant unit/apartment overlooking the event venue.
- The sudden appearance of a new street vendor in an area adjacent to the event route, the venue’s access doors, or gathering location.
- Unclaimed or suspicious packages/objects found along the special event route/location.
- Individuals sitting or standing at a bus stop and not boarding a bus; Individuals sitting at a particular location (e.g., park bench) at the same time each day for numerous days.
- The very. recent placement of a garbage can, postal mailbox, newspaper kiosk or other stationary object along the special event route/location.
- Recent attempts by unknown individuals to gain access to your building’s roof overlooking the parade route/special event location/venue.
- Inquiries about short-term rental of an apartment or space above your store/business – or in your residential complex — that also happens to offer a view of a parade route or special event location. (Terrorist operatives will often cohabitate to facilitate operational planning.Additionally, they may attempt to position themselves in an area that will ease their surveillance of potential targets.)
- Large plastic drums being stored inside a building (commercial or residential space).
- Reports of small fires or smoke conditions being reported from a particular store or apartment.
- Suspicious inquiries by unknown individuals regarding:
- The security measures anticipated for the event (e.g., extensive questioning as to
the searching of backpacks, stopping of vehicles, etc.) - The seating of public officials, dignitaries, or other VIPs at an event.
- The security measures anticipated for the event (e.g., extensive questioning as to
Ransomware: Lessons learned
Don’t say that we didn’t warn you (see here, here and especially here). Here’s a tale about a synagogue in the NYC area, but it could happen to anyone.
In mid-November the rabbi’s secretary was going about her business on the shul computer. Whether she was duped to click on an infected popup advertisement or she visited an infected website the damage was done. What we do know is that this ransom note appeared on her screen:
Then the panic. The note was accurate, they were locked out of the shul’s only computer. What should the shul do?
- They couldn’t get to their Quickbooks.
- They couldn’t get to their member software.
- They couldn’t get to the file with the Yahrzeits.
- They couldn’t get to their record of Kol Nidre pledges
Some computer-savvy members tried various tools, but no luck. The problem was eventually brought to the synagogue board and a hearty debate followed. Would they just be paying a ransom and get nothing in return (See the FBI guidance here)? Finally, the vote was to pay the ransom, 3 bitcoins (almost $2,400). Fortunately, the thieves were relatively honest. The synagogue’s files were decrypted and they could recover their data. Many other victims pay, but their computers remain locked.
Lessons learned
People, there’s nothing new here. Check out JCRC-NY’s Cybersecurity Resources page and our cybersecurity blog posts. This episode is an expensive reminder that it’s crucial to practice good cyber-hygiene.
- Backup, backup, backup. There is no excuse. External thumb drives and hard drives are cheap. Buy one and take the time to configure the backup program so that it automatically, regularly keeps critical data safe. There are many free or low-cost cloud options. Backup to Google Drive, Dropbox or a cloud server provided by your anti-virus/backup program. The data in some shul membership management programs are automatically saved to the cloud which may even be monitored by full-time cybersecurity staff. Finally, more than one backup (e.g., one onsite, one offsite or in the cloud) is better than one … one is better than none.
- Keep your anti-virus software up-to-date. The bad guys are smart and they’re getting smarter. Somehow, the bad guys got the rabbi’s secretary to click on the infected link. Our poor synagogue had anti-virus software, but it was a year out-of-date (duh, it turns itself off). Most of the better anti-virus programs are updated constantly and will probably stop a ransomware attack before your data is seized. Buy a license that will protect all of your computers. (see bargain software rates for nonprofits at Techsoup).
- Have strong passwords and record them. Whoever set up the synagogue’s computer did follow “best practice” and didn’t give the users “Administrator” access (pardon the techy-talk). The trouble was that no one knew that password so the consultant who assisted the synagogue had to get permission from the board to reset the password before she could revive the computer. Click to https://www.lockdownyourlogin.com/ for the latest guidance on passwords.
- Beware of residual “bread crumbs”. Some ransomware leaves malware on a computer so that the bad guys can re-infect the computer. After all, you paid once, won’t you pay again? Once you have recovered the encrypted files, use multiple products to scan your computer: first your new, up-to-date anti-virus program, then a some others (the trial or basic versions are available free online) such as Malwarebytes, CCleaner, SUPERAntispyware, to name a few. There is no perfect solution. Each may find something that the others missed.
- Cybersecurity is a board responsibility. The incident was an expensive lesson. When no one on staff has computer skills, the board has a fiduciary responsibility to make sure that the staff know the basics of cyber-hygiene: the software is being updated, the backups are made, the anti-virus programs are working.
Finally, kudos to JCRC-NY’s outside computer maven from Dragonfly Technologies, who dropped everything to travel to the shul and spent many hours into the night to get them back in business and up-to-date.
Attacks on Jews in the U.S. 1969-2016
Take a look at the important new CSS publication, Terrorist Incidents and Attacks Against Jews and Israelis in the United States, 1969-2016, by our talented, good friend, Yehudit Barsky, with a forward by another friend, Mitchell D. Silber. The publication supplements the JCRC’s own Selective Threat Scan which was designed to assist Nonprofit Security Grant Program applicants complete the “Threat” and “Consequences” sections of the Investment Justification.
Here’s the Executive Summary of the document which aligns with JCRC’s ongoing advice:
It is vital that the American Jewish community, together with our law enforcement partners, learn the lessons of the past, understand the nature of the challenges arrayed against it, and take the proper precautions to ensure that violent acts against Jews and Jewish institutions can be prevented in the future.
- Jewish targets often serve as precursors to larger attacks: Perpetrators of well-known larger attacks, such as the 1993 World Trade Center bombing, were first involved in anti-Jewish incidents.
- Awareness is critical: In many of these incidents, perpetrators conducted pre-operational surveillance. Training and engagement of community members to detect suspicious activity is thus essential.
- A need to invest in community security infrastructure: The Jewish community can ill afford passivity and apathy against security threats. The community should broaden its understanding of what effective security entails, and invest in initiatives that provide tangible results. Foremost amongst these strategies is ensuring community members have the training and capacity to assist in securing their own communities, and partnering more closely with law enforcement agencies.
Unfortunately, much as we do not care to admit it to ourselves, the threats are real; there have been too many incidents to deny that. Now in the second decade of the twenty-first century, we find ourselves in an era where those who promote anti-Jewish rhetoric and instigation have the technical tools to reach a broader audience in less time than ever before. In fact, as recently as March 2016, the Islamic State in Iraq and Al-Sham (ISIS) publicly encouraged its followers to attack Jews and their allies, “wherever they find them.”
It is vital that the American Jewish community, together with our law enforcement partners, learn the lessons of the past, understand the nature of the challenges arrayed against it, and take the proper precautions to ensure that violent acts against Jews and Jewish institutions can be prevented in the future.
Click here for the full report.
Armed or unarmed security, what’s best?
The answer is, it depends. The question comes up at almost every one of our security training sessions. Honestly, there are both advantages and disadvantages of either option. Guns and Security: the Risks of Arming Security Officers in the December issue of Security Management (a publication of the security industry trade association, ASIS) discusses many of the issues that must be considered.
Each organization must carefully weigh the pluses and minuses themselves, as applied to their building, their constituencies and their culture. Since this decision could possibly affect your brand, your reputation and/or your liability, it is advisable to include your board of directors in the decision. If your organization is leaning towards armed security, we suggest four “best practices”:
- Hire any armed security guard on the basis of their experience, training and judgement rather than their weapon. If you hire e.g., an off-duty/retired law enforcement officer, you are hiring much more than their gun.
- Deploy armed guards as one element of a multi-layer security plan. If a determined intruder is targeting a specific institution, a solo guard (armed or not) may become the first, unfortunate target without any opportunity to even his/her weapon.
- Contract with an outside firm. Given the documented risks associated with armed guards (outlined in the Security Magazine article), consider contracting with an independent vendor and make sure that they are responsible for the supervision of armed guards, all aspects of the armed guard’s ongoing training and compliance with governmental training, licensing and other requirements.
- Discuss your decision with your insurer. Whether the armed guard is, or is not, your employee you may have some liability and/or named in any lawsuit. Make sure that your insurer knows about your decision and that your are appropriately and adequately covered. (n.b., Some institutions employ an outside security consultant to manage their employees. A discussion between the security consultant and the insurer may assuage the concerns raised by the insurer).
NYPD does have a Paid Detail Unit which provides officers to perform off-duty, uniformed security work within New York City for approximately $45/hour. Click here for more information and contact details. Of course, the above recommendations still apply.
| Quick tips: What should your guard(s) be doing? |
|---|
 Guards should not be merely uniformed potted plants adorning your lobby. Rather, they should be an important and active component of your overall security plan.
If you have a single guard, his/her logical priority is access control (see our suggestions on how to develop an access control policy here). At the same time, don’t lose sight of other important functions, including:
The security management industry calls instructions for guards, “post orders” which clearly outline the duties, responsibilities, and expectations of security guards. For example, your post orders should clearly set forth your access control policies and define the areas of your property that should be included in a walk-around and their time and frequency (e.g., upon arrival and upon returning from lunch). |
Phishing: Will you be a victim?
Phishing attacks — usually giving you a plausible reason to “change” your password — have increased. Once they have your account information many criminal avenues open up. Here’s some background and good advice from Stratfor.
Heightened threats. Do you know what to do?
We assum
e that you saw the recent media report that the U.S. intelligence community has alerted law enforcement to potential al-Qa’ida attacks in the U.S. planned for Monday, November 7, the day before Election Day. This threat is reportedly still being assessed and its credibility has not yet been validated. However, the counterterrorism and homeland security communities remain vigilant and well-postured to defend against attacks here in the United States.
According to a statement from the FBI, the Bureau shares and assesses intelligence on a daily basis and will continue to work closely with law enforcement and intelligence community partners to identify and disrupt any potential threat to public safety. The NYPD Counterterrorism Bureau continues to work closely with federal, state, local, and private sector partners to maintain situational awareness of the current threat environment.
For more information on the current situation scroll down below the “What should we do?” section.
What should we do?
In police speak, we should “remain vigilant” and “maintain situational awareness of the current threat environment.” How does that translate to your site? What should you be doing? You should “step up” your security profile and maintain heightened vigilance through the election and the days thereafter.
- Pre-determine how you will step up your game. Don’t wait for an emergency. Consider the steps you should take when the experts advise you to go to “high alert”, e.g., add guards, close doors, more-thorough bag checks.
- Increase visible security measures. Someone planning an attack should look at your facility, conclude that it is defended and decide to go elsewhere. While the presence of armed security and law enforcement personnel and the placement of security checkpoints do not guarantee that an attack will be averted or interrupted, their presence can enable the timely discovery and quick resolution of potential threats and reduce the lethality of terrorist attacks.
- Test your systems. OK, you’ve identified systems to screen your mail, respond to bomb threats and suspicious objects and you have an active shooters plan. The key question is: “Will they work in reality?” Do your panic buttons function? Test them (after you first alert the alarm company). Have you had tabletop exercises and drills covering multiple hazards? How can you make sure that your entire staff and constituencies are on their collective toes?
- Check in with your local police. Reach out to your local police and make sure that they know about the times of services, events, school arrivals and dismissals. Offer them the opportunity to get to know your programs, your rhythms, your people and your building. Ask them for suggestions as to how to make your people safer.
- If you see something, say something. Think how to build a culture of security, because security is everybody’s business. If any of your staff, students, volunteers, congregants or clients sees or hears something suspicious they should feel comfortable to report it to the appropriate person in your facility and the information should be passed on to the police. Make sure all of the key staff have the right contact info in your jurisdiction. (In NYC, 1-888-NYC-SAFE/in NYS, 1-866-SAFE-NYS).
The information below is adapted from NYPD Shield’s analysis from the NYPD Counterterrorism, Bureau Terrorism Threat Analysis Group.
Foreign violent extremists
Recent propaganda produced by al-Qa’ida’s Yemen-based affiliate, al-Qa’ida in the Arabian Peninsula (AQAP), have made reference to the upcoming U.S. presidential election; however, the group, which has previously launched multiple plots against the U.S. homeland, has not voiced any specific threats in these publications.
When commenting on the prospect of either a Hillary Clinton or Donald Trump presidency, a March 2016 issue of the group’s Arabic-language al-Masra newsletter argued that a Clinton victory would mean “an extension of the policy of Obama and the Democrats in the region,” while Trump being elected would mean “a drastic change in American policy towards Muslims, since the hostility that Trump bears and the Islamophobia from which he suffers will have a huge impact in the conflict in the Middle East region and the Muslim countries in general.”
Meanwhile, in May 2016, an issue of the group’s English-language Inspire magazine included a reference to the presidential election by the magazine’s editor-in-chief, who argued that the outcome was irrelevant since it will not impact “inhuman American policies in Islamic lands.” Historically, there have been other indications that al-Qa’ida and its sympathizers have viewed elections as significant events.
For example, the 2004 Madrid bombings were carried out by an al-Qa’ida-inspired cell three days before Spain’s general elections. The coordinated blasts, which targeted Madrid’s commuter railway system, killed 192 people and wounded an estimated 2,000 others.
Meanwhile, declassified documents recovered by U.S. forces in the May 2011 raid on Usama Bin Laden’s compound in Abbottabad, Pakistan, revealed that the topic of U.S. elections was discussed among al-Qa’ida’s leadership in the context of the group planning its propaganda releases.
Domestic violent extremists
The 2016 presidential campaign has included unprecedented divisive political rhetoric, sparking occasional violence from supporters of both the Democratic and Republican candidates. Throughout the campaign, a wide range of organizations—from non-profits to media outlets—as well as the candidates and delegates have received harassing messages, including threats of violence. Election Day 2016 comes at a time of heightened tension throughout the country, including perceived public unrest over law enforcement activity and mistrust of government institutions. Exacerbating this tense political climate are the recent assertions that the 2016 election may be “rigged,” potentially undermining the legitimacy of the presidential election process. Several domestic armed militias and extremist groups, including the Ku Klux Klan (KKK) and prominent anti-government forces such as the Oath Keepers, have used the accusation of election fraud to announce their intention to overtly, or covertly, monitor voting sites, stoking concerns that organizations may intimidate or coerce voters at the polls.
The election is also taking place at a time of elevated concern over attacks in the west perpetrated by terrorist organizations and their sympathizers such as the Islamic State of Iraq and the Levant (ISIL) and al-Qa’ida, both of which have experienced recent territorial defeats and leadership losses. Of note, an April 2016 issue of Dabiq, ISIL’s English-language magazine, specifically named Huma Abedin, Clinton’s vice chairwoman for her campaign, as a target for assassination. The continual threat of homegrown violent extremism remains a key concern as evidenced by the recent bombings in Seaside Park, NJ, Manhattan’s Chelsea neighborhood, and the attempted bombing in Elizabeth, NJ. Though the suspect in these incidents was apprehended and there is no indication that he was part of a broader conspiracy, the September 17 blasts serve as a reminder that New York City remains a top target for extremists.
Sources
- “Sources: U.S. intel warning of possible al Qaeda attacks in U.S. Monday,” CBS News, November 4, 2016.
- Tharoor, Ishaan, “Al-Qaeda’s analysis of the U.S. election is actually pretty accurate,” Washington Post, March 30, 2016.
- “Letters from Abbottabad: Bin Ladin Sidelined?,” Combatting Terrorism Center (CTC) at West Point, May 3, 2012.
- “Editor’s Letter,” Inspire Magazine, No. 15, al-Malahem Media, May 2016.