JCRC Board 2024-2025
Subscribe to our mailing lists   

Jewish Community Relations Council

Jewish Community Relations Council

DONATE
  • Home
  • About Us
    • By the Numbers
    • FAQs
    • Form 990
    • Officers & Directors
    • Honor Roll Societies
    • JCRC-NY Assembly
    • Staff
    • Career and Fellowship Opportunities
  • What We Do
    • Israel Day on Fifth
    • Shared Society
    • Community Security Initiative
    • Israel & International Affairs
    • JCRC-Long Island
    • Jewish Communal Affairs
    • Public Policy
    • Congressional Breakfasts and Conversations
    • Resources
    • Archives: Community Relations Corner Webcast
  • News & Updates
    • Headlines
    • JCRC-NY in the News
    • Statements from JCRC-NY
  • Donate

Blog

  Home Jewish Community Relations Council  /  JCRC-NY’s Security News Posts
Posted on June 9, 2017

Nonprofit Security Grant: Last minute FAQ’s

June 09, 2017

Applications Due by June 12, 2017, 11:59 pm. We know that many of you are busy trying to finish up the work while facing a crazy deadline. Here are some last minute tips:

Technical problems

  • Prequalification/Document Vault. To those of you who are still trying to upload everything into your Document Vault: If you get a message that says that your Document Vault was  sent back for modifications, that something is wrong with it. Check it out the report and fix whatever is missing or incomplete. Too many people are just resubmitting it “as is”.  The Grants Gateway staff is working overtime to try to prequalify everyone who completes the work. Please don’t waste their time.
  • Faulty Investment Justification template. Our friends in Washington, DC initially sent Albany a problematic file. If you downloaded a form Monday morning and are having trouble entering information, simply download another here.

Investment Justification FAQ’s

  • Tips. Don’t know how to answer a question? See our suggestions here and from JFNA here.
  • Threats. Remember, you are told to “discuss findings from risk assessment, police findings, and/or insurance claims at the location where the physical security enhancements will be installed.”
    • Cite you risk assessment and the author’s credentials (e.g., an industry certification like CPP, police department, etc.).
    • Mention mail, telephonic or electronic threats, negative graffiti or vandalism at your facility or those nearby.
    • If your risk assessment doesn’t cite the key threats, note that the updated National Terrorism Advisory System (NTAS) Bulletin concludes that “specific attack tactics have included the use of vehicle ramming, small arms, straight-edged blades or knives, and homemade explosives, as well as other acts such as taking hostages.”
  • Tell a story.
    • Vulnerability. Your risk assessment informs you about what can go wrong. Your risk assessment should itemize your vulnerability. For example: “The main entrance, fire egress doors and internal doors will not withstand a forced entry attack or limit unauthorized persons from accessing interior areas of the building” or “Electronic access control systems are not utilized to support authorized-only accessibility within and throughout the building and the system does not have an emergency lockdown feature. Much of the building is interconnected and once entry has been made into the building, an attacker can reach most other areas of the facility.” Choose to address your high priority vulnerabilities with this grant.
    • Target hardening.  Your improvements must address identified threats or vulnerabilities. So, using the “Door” vulnerability  the recommendation is: “To limit unauthorized persons from pushing in and/or breaking through the main entrance, it is recommended that these doors and their related framings, hinges, closing hardware, glass panels, walls, ceiling and locking systems be modified to be forced entry resistant. The installation and proper use of impact resistant doors might deter an attack, might deny an intruder entry, should delay his/her entry, thereby  mitigating the injuries and damage from an attack.” The second section of Target Hardening requires the AEL code and description (14SW-01-DOOR | Doors and Gates, Impact Resistant), a simple reference to your vulnerability section (e.g., Vulnerable Doors), and a cost estimate.
  • Costs. You don’t have to get bids during the application process. However, if you are awarded a grant and find that you need to modify your plan you must receive permission from NYS DHSES and they must have it approved by DHS.
  • Impact. Confused about “measurable outputs and outcomes”? See our tips or our webpage.

Finishing up

  • EGrants. Remember, your entire application package must be submitted via E-Grants.
    • Don’t wait for the last minute! If you have questions (If you have a problem: DHSES can be reached at 1-866-837-9133 or  Grant.Info@dhses.ny.gov) you might not be able to get an answer right away due to the onrush of questions. Allocate enough time for things to go wrong.
    • Use the E-Grants tutorial.  We open the E-Grants document in one window and the tutorial in another. Then, we simultaneously scroll through the tutorial and the E-Grants forms and fill in the blanks with whatever the tutorial recommends.
  • Checklist. Sorry, we’re too busy to produce our fancy checklist this year. The RFA explains “To be considered for funding, eligible nonprofit organization must submit a complete application using the State’s Electronic Grants (E-Grants) System (Click on the link if you don’t have an E-Grants Registration account).
    • Investment Justification Template (Submitted as an attachment in E-Grants)
    • Contact Information (Section of E-Grants)
    • Proposed Project Workplan Information (Section of E-Grants)
    • Budget Request Information (Section of E-Grants)
    • Certification to Accept the Assurances (Section of E-Grants)
    • Status History report from Grants Gateway website showing prequalification status (Submitted as an attachment in E-Grants)
    • Signed and notarized Vendor Responsibility Questionnaire (Submitted as an Attachment in E-Grants)
    • Mission Statement (Submitted as an attachment in E-Grants)
    • Threat and/or vulnerability assessment, if installing equipment at more than one location, assessments must be submitted for each location (Submitted as an attachment in E-Grants)
Posted on June 2, 2017June 6, 2017

The Nonprofit Security Grant is here and due in NY June 12

June 02, 2017

Nonprofit Security Grant Program 2017

June 3, 2017 |

  1. This year DHS is providing $25,000,000 for target hardening activities to nonprofit organizations that are at high risk of a terrorist attack and located within one of the specific UASI-designated urban areas (click here for the complete list).
  2. New York’s Division of Homeland Security and Emergency Services Request for Applications (RFA) is posted here. The due date in NY is Monday, June 12, 2017. Yes, everyone knows that this is a crazy schedule, but there’s no choice.
  3. If your Grants Gateway Document Vault is not pre-certified (or well under way) you are running out of time. Organizations that are not pre-certified cannot apply for the grants. Click here for more information.
  4. A PDF of the Investment Justification is available here. The actual spreadsheet will be available on the NY DHSES webpage. You will notice that the questions remain the same, but that there are some formatting improvements.
  5. The New York State Hate Crimes grant applications will probably be released towards the end of the month. As soon as we see the RFA we will publish additional materials to help qualified groups apply for that grant.
Powerpoint presentation Our apologies to those who couldn’t join the webinar. Download a PDF from our 2017 webinar here. View the recording: Part 1, Part 2. Check out our 2017 Investment Justification tips here and tips from JFNA here.  NEW
New Jersey presentation Want more? Check out this workshop presented by David Fields of the New Jersey’s Office of Homeland Security and Preparedness (NJOHSP).
Prequalification NY nonprofits should register at https://grantsgateway.ny.gov/ &
complete their Document Vault . See JCRC-NY’s additional information at: https://jcrcny2022.wpengine.com/document-vault-faqs/ .If your nonprofit was previously prequalified, you will still have to update certain documents or your document vault is expired. Check our your document vault for more information.
NY nonprofit grants webpage If you’ve never applied before, click here for New York’s nonprofit webpage, with the E-grant application. If you have an existing account (and remember the
username/password), you’re fine.
Risk assessment You can do conduct a self-assessment, have your local police do a crime prevention survey or get an independent professional. Find guidance and contacts here and JCRC-NY’s guide to security consultants here. There are some good self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool (updated) See more NJ house of worship tools here.)
  • CA: Protective Measures for Enhanced Facility Security
Investment Justification Download the PDF of the 2017 Investment Justification here to see what the application looks like. Make sure to submit your information on the 2017 forms are released.
Threat scan Stymied by the “Risk” section of the Investment Justification? Download our Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions. You will need an assessment to identify your vulnerabilities.
NY State funding for nonprofit security. This year’s New York State budget included funding for “safety and security projects at nonpublic schools, community centers and day care facilities at risk of hate crimes or attacks because of their ideology, beliefs or mission.” Obviously, the details are still pending.

Click here to subscribe to the JCRC-NY Security and Emergency Preparedness Alert list, which will notify you about the details when they become available.
For the most up-to-date info https://jcrcny2022.wpengine.com/securitygrants
Posted on May 30, 2017May 30, 2017

Been waiting? Two security grants are coming soon

May 30, 2017
  1. We now expect FEMA will release the FY 2017 Nonprofit Security Grant Program guidelines next Friday, June 2nd to the states. New York’s Division of Homeland Security and Emergency Services has been working hard and they will have their Request for Applications (RFA) ready ASAP. However, they must have their documents approved through the various channels as required by NY State law. If all goes well the RFA will be available soon after the federal guidance.
  2. The application deadline in NY depends on the DHS/FEMA deadline. Remember, they have to score the applications and comply with federal guidelines for submission. That takes time, especially when they must process 200 or so applications. Please don’t contact us to ask about the due date… no one will know it before DHS/FEMA publishes their guidance. Expect a quick turnaround.
  3. The New York State Hate Crimes grant applications will be released within the same timeframe. As soon as we see the RFA we will publish additional materials to help qualified groups apply for that grant.
  4. NY applicants: If your Grants Gateway Document Vault is not prequalified (or well under way) you are running out of time. Organizations that are not prequalified will not be allowed to submit for the grants. If you previously prequalified, certain documents may need to be updated. Check your Document Vault to verify that it is up to date. Click here for more information.
Powerpoint presentation/video Download a PDF from our 2017 webinar here and view the recording: Part 1, Part 2
Organization type/Definition of Mission As many have learned, the grant guidelines make “Organization type” a factor in the scoring. Our attempts to formally change the guidelines language faltered during the change of administration. We were advised by House Homeland Security Chairman McCaul’s team  to neutralize this arbitrary scoring measurement self-identify as  “Ideology-based/Spiritual/Religious”. This would apply whether your organization is a religious corporation or simply religiously-affiliated (e.g., JCC, Jewish Family Service, etc.)
NY nonprofit grants webpage  Click here for New York’s nonprofit webpage. When available it will have the RFA (application package), all of the forms necessary for the submission of your application and  the E-grant application and tutorial. (If you have an existing account — and remember the
username/password — you don’t have to reapply.)
Risk assessment You can do conduct a self-assessment, have your local police do a crime prevention survey or get an independent professional. Find guidance and contacts
here and JCRC-NY’s guide to security consultants here. There are some good self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool ((updated) See more NJ house of worship tools here.)
  • CA: Protective Measures for Enhanced Facility Security

Many crime prevention surveys do not give the information necessary to complete the “Threat” section of the Investment Justification? Collect information specific to your organization (e.g., phone threats, graffiti) to document your threat and then  download our Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions.
Investment Justification Download the 2016 Investment Justification here to see what the application looks like. Make sure to submit your information on the 2017 forms are released.
For the most up-to-date info https://jcrcny2022.wpengine.com/securitygrants
Posted on May 17, 2017February 12, 2019

More tips on Ransomware

May 17, 2017

It seems that WannaCry is sputtering out. Unfortunately, the experts predict that similar attacks could resume at any time, so it’s best to be prepared.

Here’s a great article from Techsoup, a great nonprofit that helps other nonprofits access donations and discounts from more than 60 donor partners, including Microsoft, Adobe, Cisco, Intuit, and Symantec. Their suggestions are, almost always, low or no cost solutions. Nonprofits should visit their site and sign up. Your nonprofit will save money on hardware and software.

What You Can Do About Ransomware

jimlynchJim Lynch, TechSoup
16 May 2017 4:53 PM

ransomware written over padlock, chain, handprints, and binary code

Late last week, there was a huge ransomware attack called WannaCry that affected over 200,000 Windows PCs in 150 countries and is still going. The attack has hit businesses, universities, and hospitals so far. Nonprofit, church, library, and foundation offices are vulnerable to this malware, which can lock up your IT system until a ransom is paid. We thought we’d explain a bit how you can protect your office.

What Is Ransomware?

Ransomware is malware that comes into an IT network mainly when computer users open an unknown email attachment or click on a web link. The malware then locks up and encrypts the files in the IT system and holds them for ransom until a payment is made, usually demanded in Bitcoin. Ransomware became famous as a tool of cybercrime in 2013 with the infamous Cryptolocker attacks. The malware technique has actually been around since 1989, however.

WannaCry Ransomware

The WannaCry malware is the latest ransomware attack in a succession of them. This virus is also known as WannaCrypt, Wana Decryptor, or WCry. This particular type of ransomware exploits a vulnerability in the Microsoft Server file system. Apple products and systems based on the Linux/Unix operating systems are not at risk, unless running Windows System Emulator. Infected users are presented with a screen demanding a $300 to $600 payment to restore their files.

While the attack has hit more than 200,000 computers, only around 200 people are estimated to have paid the $300 ransom. In the U.S., Homeland Security says that the list of victims is very small. It is still relatively early in the WannaCry attack, however. The victims range widely, from small companies and organizations to large IT networks like the automaker Renault in Europe. Small offices, like those in nonprofits, are at risk in this cyberattack.

How to Protect Your IT System

Taking these steps will help keep you safe from ransomware attacks.

1. Take Advantage of These Microsoft Resources

  • Windows Defender is the free antivirus tool on Windows 10.
  • Microsoft Safety Scanner is a free downloadable security tool for all Windows versions that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software.
  • Microsoft Safety and Security Center has a free Security Risk Assessment that will provide recommendations for protecting your network and IT infrastructure.
  • Microsoft customers who believe they are affected can contact Microsoft Customer Service and Support.

2. Back Up Your Critical Data and Documents

If and when your organization is hit with a cyberattack, it is essential to have your mission-critical data and documents stored in the cloud or on a hard drive that is not connected to your IT system. After an attack, your computers or servers may require reimaging.

TechSoup offers cloud storage services like the Box donation program. Also, the Veritas donation program at TechSoup provides backup and restore software to eligible nonprofit organizations and public libraries.

3. Update All Your Windows Software and Enable Automatic Updates

Since WannaCry malware attacks Windows operating systems, a critically important thing to do is to run Windows Update on all Windows devices and also Windows Server software and enable automatic updates on all Windows devices. Microsoft’s Security Bulletin MS17-010 from March of this year provides details on all the Windows software versions that can be patched by running Windows Update. Since the attack, Microsoft has issued patches for previously unsupported versions including Windows XP, Windows 8, and Windows Server 2003. You can download these security patches manually from Microsoft’s Update Catalog. (Link might not work in all browsers.)

If your organization is running old versions of Windows like XP or Server 2003, or if you’re running nonlegal (pirated) versions of Microsoft Windows or Windows Server, you may well have trouble running Windows Update. Check your TechSoup eligibility to see if your organization qualifies for Microsoft software donations.

4. Use Antivirus Software and Keep It Up to Date

Antivirus and malware protection software has become TechSoup’s most requested type of product donation over the last couple of years. This type of protection is designed to catch cyberattacks before they infect your IT system.

Popular product donations include

  • Norton Small Business from Symantec
  • Symantec Endpoint Protection Small Business Edition
  • Comodo Endpoint Security Manager
  • Comodo Antispam Gateway
  • Mailshell Anti-Spam Desktop
  • Bitdefender Internet Security

Find all of TechSoup’s security product donations here.

5. Be Really Careful with Email

Email is one of the main infection methods of all malware and specifically of WannaCry ransomware. Be wary of unexpected emails especially if they contain links or attachments. If you find a suspicious link, before you click on it, you can go to the free virustotal.com service. It will tell you whether or not it has been reported as a dangerous link.

Also, be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.

6. Enable the File Extensions Option in Windows Settings

There are particular file types that pose the greatest security risk to all users. It is helpful to see what kinds of files you’re trying to open. File extensions like .exe, .vbs, and .scr are the dangerous ones. To be able to see file extensions, enable them in Windows Settings. I like the Laptop.com directions on how to do this in Windows 10.

7. If You Do Get Hit with Ransomware …

If you do get infected, shut down your PC and disconnect it from the Internet and your network. This of course limits the spread of the infection. Also, cybersecurity experts say that paying the ransom should be a last resort. Avoid doing that if you can. The alternative of rebuilding infected machines is not great either, but it does discourage cyberblackmailers from coming back.

The sad news in all of this is that new WannaCry ransomware variants are expected to appear going forward for some time. And new malware of other types will also come calling to attack our IT systems. This will be the case no matter how small our offices are. The good news is that the seven points we’ve listed above will give you greater protection for your IT system against future online threats. At TechSoup, we want ya’ll to stay safe out there.

Image: portal gda / CC BY-NC-SA

Posted on May 15, 2017February 12, 2019

Microsoft Customer Guidance for WannaCrypt attacks

May 15, 2017

MSRC Team May 12, 2017 | https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft solution available to protect additional products

Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today.

Details are below.

  • In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
  • For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.
  • This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks).

We also know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download (see links below).

Customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March. If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible.

This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind.

Some of the observed attacks use common phishing tactics including malicious attachments. Customers should use vigilance when opening documents from untrusted or unknown sources. For Office 365 customers we are continually monitoring and updating to protect against these kinds of threats including Ransom:Win32/WannaCrypt. More information on the malware itself is available from the Microsoft Malware Protection Center on the Windows Security blog. For those new to the Microsoft Malware Protection Center, this is a technical discussion focused on providing the IT Security Professional with information to help further protect systems.

We are working with customers to provide additional assistance as this situation evolves, and will update this blog with details as appropriate.

Phillip Misner, Principal Security Group Manager  Microsoft Security Response Center

Further resources:

Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

Download localized language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

General information on ransomware: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

MS17-010 Security Update: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Posted on April 28, 2017

Still no budget, but get started

April 28, 2017

April 28, 2017 | The timing of the 2017 applications is still up in the air. The House voted 382 to 30 and the Senate unanimously approved a bill to keep the government open until May 5th. This will give the negotiators time to finalize a longer-term deal that would fund the government through the end of the fiscal year in September. There can be no grant programs without a budget.

Once the budget bill is signed by the President, the US Department of Homeland should post its its guidance within a week or two and the NY Division of Homeland Security and Emergency Services releasing its Request for Applications soon thereafter. Assuming that the budget passes next week, don’t be surprised if the application package is due at the end of May or the beginning of June.

So the turnaround may be very quick. We don’t anticipate any significant changes in the application process and most of the requirements of the application process can be met before the deadline. Our advice is to get started now! Here’s what you can do.
Powerpoint presentation/video Download a PDF from our 2017 webinar here and view the recording: Part 1, Part 2
Prequalification NY nonprofits should register at https://grantsgateway.ny.gov/ &
complete their Document Vault . See JCRC-NY’s additional information at: https://jcrcny2022.wpengine.com/document-vault-faqs/ .If your nonprofit was previously prequalified, you will still have to update certain documents or your document vault is expired. Check our your document vault for more information.
NY nonprofit grants webpage If you’ve never applied before, click here for New York’s nonprofit webpage, with the E-grant application. If you have an existing account (and remember the
username/password), you’re fine.
Risk assessment You can do conduct a self-assessment, have your local police do a crime prevention survey or get an independent professional. Find guidance and contacts
here and JCRC-NY’s guide to security consultants here. There are some good self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool ((updated) See more NJ house of worship tools here.)
  • CA: Protective Measures for Enhanced Facility Security
Investment Justification Download the 2016 Investment Justification here to see what the application looks like. Make sure to submit your information on the 2017 forms are released.
Threat scan Stymied by the “Risk” section of the Investment Justification? Download our Selective Threat Scan for documentation and help with the “Threat” and “Consequences” questions. You will need an assessment to identify your vulnerabilities.
For the most up-to-date info https://jcrcny2022.wpengine.com/securitygrants
Posted on April 10, 2017

During Pesach, heightened vigilance is required

April 10, 2017

EVENT ASSESSMENT

While there are no reports indicating a specific threat to New York City or Jewish institutions during the Passover holiday, religious institutions and religious figures remain attractive targets for multiple terrorist groups—to include al-Qa’ida and the Islamic State of Iraq and ash Sham(ISIS)—and their adherents. Al-Qa’ida and ISIS have consistently called for attacks against Israel and Jewish interests and recent propaganda from both groups have urged sympathizers to carry out attacks using a range of tactics, including vehicle ramming, edged weapons, improvised explosive devices, and Molotov cocktails.

Terrorist groups and their sympathizers have targeted synagogues and other Jewish locations in the past, both abroad and here in the United States. In December 2016, Austrian authorities disrupted an alleged plot to target a synagogue on the first night of Hanukkah. Two individuals, one of whom was known to authorities, were questioned by police and found to be carrying knives intended for use against the rabbi and his congregants. In May of 2014, ISIL-linked French operative Mehdi Nemmouche opened fire with an assault rifle on a Jewish museum in Brussels, Belgium, resulting in the deaths of four people. In 2016, there were several foiled attack attempts at Jewish institutions in the United States. On April 29, James Gonzalo Medina, a convert to Islam, was arrested by the FBI for attempting to bomb the Aventura Turnberry Jewish Center in Florida during services on the seventh day of Passover. The FBI also foiled the plot of Mahin Khan, a self-described “American jihadist,” after he sought to build pipe and pressure cooker bombs.

Khan considered several targets, including the JCC in Tucson, Arizona. He was arrested in July 2016 after he contacted an individual he believed to be an ISIS fighter.

In addition to the threat from foreign terrorist organizations, domestic terrorism increasingly threatens minority groups and institutions in the United States. In February 2017, a South Carolina white supremacist was arrested after an undercover investigation indicated that he was planning to attack minorities in the local area, and had by that point purchased a weapon to do so. The suspect, Benjamin McDowell, allegedly wanted to replicate Dylann Roof’s mass casualty attack and made a number of online threats against a local synagogue. He further made public statements in support of violent white supremacist ideology, according to press reports.

Hate crimes continue to rise around the United States, a number of which have been anti-Semitic in nature. In addition to the desecration of grave sites at cemeteries in Philadelphia and St. Louis, the Anti-Defamation League stated that there have been at least 166 bomb threats made to Jewish institutions across 38 states in the U.S. and three Canadian provinces since January 2017, none of which resulted in the discovery of explosives. On March 23, 2017, 18-year-old Michael Ron David Kadar, a dual US-Israeli citizens, was arrested by Israel on suspicion of making more than 100 bomb threats against JCCs in the United States, Canada, Australia and New Zealand over the past six months. Kadar’s motive remains unknown. In St. Louis, Juan Thompson was arrested for making at least eight threats to Jewish institutions around the country, including the Jewish History Museum in Manhattan, and Jewish schools and a local JCC.

Despite the arrests of two individuals associated with the multiple, unfounded bomb threats, it is probable that other like-minded individuals may seek to carry out similar threats against Jewish locations given the extensive high-profile media coverage these threats received.

The series of anonymous, unfounded bomb threats against multiple targets was likely intended to spread fear, create considerable disruptions to business and people’s lives, and generate financial costs. Bomb threats can also create soft targets; evacuations of large groups of people into the open offer possible attackers a large, predictable target in a desired location vulnerable to a variety of attacks, to include active shooters, improved explosive devices, edged weapons, and vehicle-ramming assaults.

If You See Something, Say Something – 1-888-NYC-SAFE (1-888-692-7233)

Posted on April 10, 2017April 10, 2017

New York State Security Funding

April 10, 2017

This year’s New York State budget includes the following allocation. Obviously, the details are still pending.

“Capital Projects Funds – Other Capital Project Fund Program Improvement/Change Purpose For competitive grants to provide safety and security projects at nonpublic schools, community centers and day care facilities at risk of hate crimes or attacks because of their ideology, beliefs or mission.

Provided that an assessment of facilities at risk may include, but not be limited to, considerations of the vulnerabilities of the organization based on its location and membership, and the potential consequences of a hate crime or attack at the facility. The amount appropriated herein may be transferred or suballocated to the division of homeland security and emergency services to accomplish the intent of this appropriation.”

Note: the language “considerations of the vulnerabilities of the organization based on its location and membership” differs from the classic definition of vulnerability,”any weakness that can be exploited by an aggressor, or in a non-terrorist environment, make an asset susceptible to hazard damage. (FEMA, Building Design for Homeland Security)”, i.e., gaps in physical security. Location and membership are usually considered in a threat analysis in the classic security equation: risk=threat + vulnerability + consequences.

The language gives DHSES responsibility for the grants. Stay tuned for more information.

Posted on March 23, 2017June 12, 2017

Israeli-American Teen Arrested for Bomb Threats

March 23, 2017

See the links below for information about today’s arrest of a suspect believed to be responsible for the majority of the bomb threats over the past months. Remember, another individual was already arrested and law enforcement authorities believe that there are other copycats.

It is important that we stay vigilant and continue to hone our response plans. We greatly appreciate the work of the FBI, NYPD and the Israeli National Police for their work.

  • Daily Beast: The Slip-Up That Caught the Jewish Center Bomb Caller
  • JTA: JCC bomb threat suspect, named Michael Kaydar, reportedly used Bitcoin, Google Voice
  • JTA: Jeff Sessions: JCC bomb threat probe spanned multiple continents
  • JTA: Israeli-American teen arrested in Israel for over 100 JCC bomb threats
  • Haaretz
  • WCBS TV
  • NY Times
  • CNN
  • NY Daily News
  • Fox News
  • Washington Post
  • Israeli National Police Video Statement
  • JCCA Association
  • ADL

 

 

Posted on March 17, 2017

Nonprofit Grant? Get started now, webinar next week

March 17, 2017

NSGP 2017

The timing of the 2017 applications is still up in the air. We won’t be able to determine the due date for the applications until the US Department of Homeland Security posts its guidance. They will only do so once there is a federal budget.

We don’t anticipate any significant changes in the application process and most of the requirements of the application process can be met before the deadline. Our advice is to get started now! Here’s what you can do.
Webinar Our annual webinar will be
Tuesday, March 21, 2017, 12:30-1:30 PM
No RSVP required; click here to join when webinar begins.
Prequalification NY nonprofits should register at https://grantsgateway.ny.gov/ &
complete their Document Vault . See JCRC-NY’s additional information at: https://jcrcny2022.wpengine.com/document-vault-faqs/ .If your nonprofit was previously prequalified, you will still have to update certain documents or your document vault is expired. Check our your document vault for more information.
E-Grant registration If you have an existing account (and remember the
username/password), you’re fine; to register for the DHSES E-Grant system, email: grants@dhses.ny.gov
Risk assessment Find guidance and contacts at:
https://jcrcny2022.wpengine.com/security-assessment/ and JCRC-NY’s guide to security consultants here.There are some self-assessment tools available. Check out:

  • NJ: Facility Self-assessment Tool (See more NJ house of worship tools here.)
  • CA: Protective Measures for Enhanced Facility Security
Investment Justification The 2017 forms are not ready. Download the 2016 Investment Justification here to see what the applications looks like.
For the most up-to-date info https://jcrcny2022.wpengine.com/securitygrants
Previous page 1 … 7 8 9 10 11 … 40 Next page
JCRC-NY builds relationships to advance the values, interests, and security of the Jewish community and to create a more interconnected New York for all.

Connect with us

Privacy Policy.

Terms of Use

Our Offices

New York City
520 Eighth Avenue
Suite 1400
New York, NY 10018
Tel: 212.983.4800
Fax: 212.983.4084

Long Island
6800 Jericho Turnpike
Suite 120W
Syosset, NY 11791
Tel: 516.433.0433
email:  jcrcli@jcrcli.org

X