Preventing future tragedies | Fire safety

March 24, 2015

01_fdny_top_seven_fire_safety_rules_englishNew York Fire Commissioner Daniel A. Nigro met with a broad array of leaders of Jewish communities in New York on Monday, March 23rd, 2015. While the meeting was scheduled to focus on fire safety on Passover, Commissioner Nigro and the assembled chiefs were still devastated that they could not save the Sassoon children. The Commissioner suggested, and the attendees agreed that one of the best possible memorials to these “seven innocent lambs” is for us to take steps to ensure that such a tragedy never reoccurs. Please pray for a Please pray for their Refuah Shelema for Gila bat Siporah Frances and Siporah bat Gila.

NYC Groups wishing to schedule a fire safety education event should click to www.fdnyfiresmart.org or call (718) 281-3870. Those outside of NYC should contact their local fire department. JCRC-NY calls on educators to educate students so that they can become “Junior Fire Marshals”, touring the house before Shabbat to check, e.g.,  if there are any frayed cords and/or the candles are in a safe place.

Fire alarms and a plan:

  • Install smoke alarms and carbon monoxide detectors. We learned that over 75% of the fire fatalities in NYC are in structures without adequate, functional smoke alarms.
    • One smoke alarm in the home is not enough. Homes should have, at least, one smoke alarm/carbon monoxide detector on every level, including the basement.
    • New specifications. As of April 2014 all new and replacement smoke alarms in multiple dwellings and private homes must have a sealed 10 year battery that is non-removable and non-replaceable. It must also have an audible “end of life” warning.
    • Test the alarms and change the batteries.  Alarms have test buttons, test them at least once a month, even if your alarm uses a long-life battery or is powered by household electricity. Replace the batteries, in the spring and the fall when clocks are changed for daylight saving time. (Change Your Clock, Change Your battery).
    • All alarms, even hard-wired ones, need to be changed every 10 years.
    • For more FDNY information click here.
  • Have a home fire escape plan. It’s not enough to have a smoke alarm. Protect your family by planning and practicing a home fire escape plan. Click here for more information.
  • Conduct a home fire safety inspection. Here’s a checklist to get started and one designed as an activity for kids.

Learn more Jewish-specific information from these FDNY publications (thanks to FDNY Chaplain Rabbi Joseph Potasnik):

No DHS grant programs without DHS budget (now passed)

February 27, 2015

The Nonprofit Security Grant program is a component of the Department of Homeland Security (DHS) budget, which is the main attraction of the current Washington drama (see below).

Bottom line: we are virtually certain that there will that there will be a grant program, the question is timing. The way things look, the NY application package may not be ready until mid or late April and due during the first two weeks of May. We suspect that once the grant application package is released it will be substantially similar to previous years, so get started now!

Go to www.jcrcny.org/securitygrants for more information.

Update (March 3) There is now a DHS budget that includes $13 million for the Nonprofit Security grant program.

Update (March 1):  President Obama signed a one week DHS Continuing Resolution (CR).  In terms of any grant programs, this only delays the application process. Assume that it will take 5-6 weeks after the President signs a full-year to issue the application, with few, or no, options to  postpone the due date.

NYPD Response to Al-Shabaab Video

February 23, 2015

On February 21, 2015, al-Shabaab, al-Qa‘ida’s East Africa-based affiliate, released a video entitled “The Westgate Siege–Retributive Justice”. The video attempts to provide justification for al-Shabaab’s September 2013 terror attack on the Westgate Mall in Nairobi, Kenya. The video concludes by encouraging similar attacks on “American or Jewish-owned” shopping centers and districts, particularly in the West, including the Mall of America in Bloomington, Minnesota.

Following the threat, the NYPD issued a statement saying they were aware of the video and have taken steps to ensure the safety of New Yorkers.

“We are aware of the recent ‘threat’ and we have been in touch with our international and federal liaisons. Although there is no direct threat against New York City, as well as no credible intelligence of such, we have taken appropriate precautionary measures, such as alerting our Critical Response Vehicles and our ‘Hercules’ (special counter-terrorism) Teams. This is something we regularly do in response to terror incidents/threats in other areas of the world that may impact New York City,” the statement from NYPD Deputy Commissioner of Public Information Stephen Davis said.

Remember to remain vigilant amid these threats. If you see something, say something! You can report suspicious activity to 1-888-NYC-SAFE (1-888-692-7233) or NYCSAFE@nypd.org. If you are interested in training courses for your staff, such as Terrorism Awareness for the Security Professional, Detecting Hostile Surveillance and Recommendations for Active Shooter Incidents, please do not hesitate to contact the SHIELD office at 718-615-7506 or at CTSHIELD@nypd.org.

Sources:

Hostages in Paris kosher grocery

January 09, 2015

We mourn the victims of the Charlie Hebdo and Hyper Cacher Supermarket terror attacks and pray for the recovery of the injured hostages and police. The hostages were taken –and some lost their lives –merely because they were Jews. The decisive actions of French authorities helped to mitigate these horrible situations and prevent the further loss of life and we pray that the second hostage-taker be quickly apprehended without any further loss of life or injury.

Most importantly, these attacks make us even more grateful to the NYPD and other local police, the FBI and state agencies (DHSES) and the US Department of Homeland Security. Since Wednesday, the NYPD has paid  special attention to Jewish institutions. The law enforcement world knows that the Jewish community is in the cross-hairs of the terrorists and they have done an exceptional job protecting us here in New York.

Updates:(1:59 PM) According to open source media, Said and Cherif Kouachi and Amedy Coulibaly were killed following police seiges in France. The female suspect, Hayat Boumeddiene, is still at large. The hostage being that was being held at the printing shop in Dammartin-en-Goele was released and is safe. At least four hostages were killed being held at the kosher supermarket in Paris.

(12:28 PM) According to open source media, Amedy Coulibaly, one of the suspects in the kosher market hostage situation, has also been killed during a police siege. The status of his companion, Hayat Boumeddiene, is unknown at this time. It is believed that at least four hostages have been killed, 4 wounded and 4 French police officers were wounded.

Comment: Abraham Foxman of the ADL observed:

“The attacks on Charlie Hebdo and on a kosher store are linked by the perpetrators’ ideology, not just their acquaintance. Islamic extremism is a common enemy of Jews and democratic states. That message needs to be heard and internalized by governments and mainstream society.

Anti-Semitism is at the core of Islamic extremist ideology, interwoven with its hatred of basic democratic freedoms, and continues to motivate adherents around the world. The packaging of anti-Semitic narratives has radicalized followers and influenced numerous international and domestic extremists with tragic results.”

Official summary: Gunfire has been reported at a store in Porte de Vincennes in eastern Paris Friday. According to Agence France-Presse, an armed man has taken five hostages in a kosher grocery store. As of 0900 EST, open source media is reporting at least two people are dead and one injured.

Media are now reporting on the identity of the two individuals that are reportedly involved with the ongoing hostage situation at a Paris grocery store as Amedy Coulibaly, DOB 27 Feb 1982 (NUIN 5391291) and Hayat Boumeddiene 26 June 1988 (NUIN 5385979). A search of DHS holdings indicate both suspects have no connection/travel to the US. Hayat Boumeddiene is the first female to be associated with the attacks in France.

Media is linking these two suspects with the Kouachi brothers based on their social and criminal activity. Media is also claiming that Coulibaly is responsible for the fatal shooting of a French policewoman on 07 January, 2015. At this time however, we have seen no official connection between the incidents.

Implications for New York: There are no known, credible threats against New York or its Jewish community. Out of an abundance of caution, the NYPD is giving special attention to many Jewish institutions.

Recommendations:

  • Remember, one of the most important recommendations is to establish a close, working relationship with your local police authorities. They should know about your services, school schedules, special meetings, etc. Be in contact with the community affairs officer of your local precinct and let him/her know about the times of daily services and school arrival and dismissal times.
  • DHS just published: Potential Indicators, Common Vulnerabilities, and Protective Measures: Religious Facilities. This is an new (April 2014) and excellent overview of facility security and emergency planning. Ie used as the agenda for your security/building committee work to plan for the unexpected. There is also a good table with indicators of suspicious activity. Another new resource is Protective Measures for Enhanced Facility SecurityPlease review the documents and act accordingly. Protective-measures-cover
  • Law enforcement and Homeland Security leaders recommend that organizations train their staffs and constituencies in security awareness, especially the signs of suspicious behavior — i.e., it just doesn’t look right. If you see something, say something: in New York City-1 (888) NYC-SAFE or elsewhere in NY:
  • Click here for more information on active shooters and armed intruders.
  • Demonstrating an unusual interest in or unusual questions about security procedures, or engaging in overtly suspicious actions to provoke and observe responses by security or law enforcement officers;
  • Demonstrating an unusual interest in entry points, peak days and hours of operation, security personnel, surveillance assets (including cameras), and access controls such as alarms, barriers, doors, gates, or locks;
  • Demonstrating an unusual interest in security reaction drills or procedures;
  • multiple false alarms or fictitious emergency calls to same locations or similar venues;
  • Loitering, parking, or standing in the same area over multiple days with no reasonable explanation;
  • Unusual interest in speaking with building maintenance personnel or security guards;
  • Attention to or avoidance of surveillance cameras;
  • Interest without justification in obtaining site plans, ingress and egress routes, and information on employees or the public; and
  • Garments not appropriate for the weather or season without a reasonable explanation.
  • Suggested Protective Measures
    •  Increase visibility of armed security and law enforcement personnel in areas adjacent to and in front of security checkpoints to deter unwanted activity; 
    • Raise awareness among employees by conducting “all hazards” awareness training;
    • Establish liaison and regular communications with local, state, and federal law enforcement, emergency responders, and public health organizations to enhance information exchange or clarify emergency responses;
    • Report missing or stolen equipment, to include weapons, to the proper authorities; 
    • Raise community awareness of potential threats and vulnerabilities; and
    • Encourage employees, tenants, and visitors to report anything that appears to be odd or suspicious.
  •  If you have any questions you can contact JCRC-NY here.

Security grant update

December 19, 2014

question

      1. Will there be a 2015 Nonprofit Security Grant Program?
        • The current federal budget package only continues the Department of Homeland Security (DHS) funding until February 28, 2015, with no specific provision for the Nonprofit Security Grant Program (NSGP).
        • Until Congress completes FY 2015 funding for DHS, no DHS grant programs can commence, including the NSGP program. When the new Congress begins in January, finishing the FY 2015 DHS appropriations will be a priority. Some pundits suggest that the DHS budget will not be passed until February 28th or thereabouts.
        • During this period of uncertainty, the Jewish Federations of North America staff (particularly Rob Goldberg), local federations and others in the coalition will continue to advocate for the best possible outcomes for the programs, which at this point may be maintaining the current level of funding of $13 million. The question is not likely to be if there will be a program, but when and how much.
        • Based on the patterns of past years, the deadlines set by New York and other states may be the beginning of May (or possibly earlier), even if DHS does not release its guidance until late March or April. If that is the case, the application period is likely to be very narrow.
        • The requirements of the grant paperwork are not likely to change in any material way. Get started now!
      2. My organization really deserved a grant … why didn’t we get it? As indicated in our training, the most important skill is to carefully read and follow the directions. Organizations were disqualified if they did not attach required documents (mission statements, risk assessments and status report from the Grants Gateway) and/or received lowered scores if they did not completely answer the questions in the Investment Justification. JCRC’s advice was to use the Scoring Worksheet to “grade” your Investment Justification answers: FY 2014 Nonprofit Security Grant Program (NSGP) Scoring Worksheet.
      3. What can we do now? We assume that any new round of grants will require NY State Prequalification (see below) and a risk assessment. Either of these can be done sooner, rather than later.
        • Prequalification. Nonprofit organizations that are applying for this funding opportunity must be prequalified in the Grants Gateway prior to submitting their application.  In order to start the prequalification process you need to register for access to the Grants Gateway system by going to the Grants Reform website (http://www.grantsreform.ny.gov/Grantees) to download a copy of the Registration Form.
        • Investment Justification. There have been very few changes to the Investment Justification over the past few years. The left column of this webpage provides guidance for every section of the Investment Justification. You can draft your Investment Justification based on the 2014 version and make any changes, if necessary, when and if there is another round of grants.
      4. We thank all of those at NY DHSES who worked so hard to make this happen: Shelley Wahrlich, Marianne Lindsay and Dov Horwitz.

New “reduce your risk” tools

November 27, 2014

New York City’s dense population and geographic location make it especially vulnerable to emergencies caused by natural and man-made hazards. While it is important for you to protect yourself and your families from emergencies, it is also important to protect your property. The hazards faced by Nassau, Suffolk and Westchester residents are similar, with some exceptions (e.g., Westchester planners are concerned with an Indian Point event).

The New York City Emergency Management Department, in partnership with the New York City Department of City Planning and the Mayor’s Office of Recovery and Resiliency, is pleased to announce the launch of NYC’s Risk Landscape: A Guide to Hazard Mitigation. Based on the FEMA-approved and locally adopted 2014 Hazard Mitigation Plan, NYC’s Risk Landscape focuses on a targeted group of hazards that pose a risk to the city, and includes information on how the City approaches risk management in a user-friendly and accessible format.  Additionally, the guide includes informative maps, infographics, and images to help New Yorkers gain a deeper understanding of specific hazards as well as best practices in risk reduction.  Hazards addressed in this guide include coastal erosion, coastal storms, earthquakes, extreme heat, flooding, pandemic influenza, strong windstorms, water shortage, and winter weather.

For more information, please visit nyc.gov/hazardmitigation or click here for the guide. Click for specific guidance for Nassau, Suffolk and Westchester Counties and for New York State.

For more information about how to Reduce Your Risk, please visitnyc.gov/reduceyourrisk or click here for the Ready New York: Reduce Your Risk brochure.

 

Horror on Har Nof, Increased Vigilance in NY Area

November 18, 2014

Update – 19 November: U.S. Department of State security bulletin re Israel | As tensions remain high, isolated acts of violence in the form of vehicular attacks and stabbings may continue, particularly in Jerusalem where frustration is particularly acute. It remains unlikely that large-scale or complex attacks will occur in Israel due to the increased security measures that have been put in place over the past several years, such as the Israeli West Bank barrier, and the increased capabilities of Israeli authorities. However, it is unclear whether Israeli interests within the West Bank could potentially pose a more feasible target for more complex attacks.
The expected difficulty of Palestinian terrorist groups to carry out successful, sophisticated, complex attacks in Green Line Israel (the generally recognized border between Israel and the West Bank) suggests that isolated, low-level acts of aggression are likely to continue. The challenge of detecting and containing attempted stabbings or vehicular attacks indicates these tactics will likely continue to be successful.

The success of the November 18 synagogue attack may lead to an increase in planning and coordination between potential terrorists in relatively unsophisticated attacks that are likely to bypass security. In turn, possible soft targets are likely to remain an area of concern for OSAC constituents as tensions remain high. The State Department considers soft targets to include places where people live, congregate, shop or visit, including hotels, clubs, restaurants, shopping centers, identifiable Western businesses, housing compounds, transportation systems, places of worship, schools, or public recreation events, often with little or no security presence.

The Consulate General in Jerusalem has issued several Security Messages highlighting continued tensions in Jerusalem and restrictions on consulate staff. U.S. government personnel are restricted from using the Light Rail north of French Hill in light of the repeated acts of violence against train cars transiting through Light Rail Stations in East Jerusalem. Israeli authorities have also placed concrete barriers at Light Rail stations to help prevent additional attacks. The Consulate General has also advised against entering neighborhoods restricted by INP and suggests avoiding areas where clashes have been ongoing. Post also recommends exercising caution when transiting through neighborhoods where protest activity has been ongoing, such as Silwan, Abu Tor, Shuafat, Issawiya, and those immediately surrounding the Old City. OSAC constituents can also monitor local news for events that might spur additional unrest beyond these neighborhoods, such as announcements of new settlements, tensions surrounding the HAS/TM, funerals for those killed in protests and clashes with police.


Our hearts and prayers go out to the families of the victims of this morning’s terror attack on Har Nof in Jerusalem: Rabbi Avraham Shmuel Goldberg, Rabbi Kalman Levine, Aryeh Kupinsky and Rabbi Moshe Twersky. Rabbi Twersky’s brother, Mayer Twersky, is on the faculty of REITS at Yeshiva University. His sister Tzipporah and brother-in-law Rabbi Jonathan Rosenblatt are Rebbitzen and Rabbi of the Riverdale Jewish Center. He was a grandson of Rabbi Joseph B. Soloveitchik, z”l.

We urge you to pray for the full recovery of those injured in the attacks. The following are their Hebrew names:

חיים יחיאל בן מלכה
איתן בן שרה
שמואל ירוחם בן ביילה
אברהם שמואל בן שיינה
אריה בן ברכה 


NYC Mayor Bill de Blasio stated: “I am horrified and heartbroken by today’s terror attack in Jerusalem, which took the innocent lives of four people. My thoughts and prayers are with the victims’ families. New York City stands in solidarity with Israel at this difficult time, and we hope and pray for a peaceful and secure future for all of its people.‎

Police Commissioner Bratton announced: “The NYPD is following developments in Jerusalem closelyand working with the FBI Joint Terrorism Task Force to monitor any further developments. As of now, there is no specific credible threat to New York City.  The NYPD has increased its attention to Synagogues and other symbolic locations around the city.  Once again, we asked the public to be vigilant and if you see something, say something.”

“The NYPD is in close contact with its liaison post in Israel. We have increased our police presence at synagogues and other key locations around the city. As always, we ask New Yorkers to stay alert and immediately report any suspicious activity.”

Nassau County – Community Advisory      Suffolk CountyCommunity Advisory 

Officials’ & Religious Leaders’ Statements – LINK


Recommendations

There are no known, credible threats to the Jewish community here in the NY area, but we recommend all Jewish institutions to be extra vigilant. JCRC-NY suggests the following steps:

  1. Remember, one of the most important recommendations is to establish a close, working relationship with your local police authorities. They should know about your services, school schedules, special meetings, etc. Be in contact with the community affairs officer of your local precinct and let him/her know about the times of daily services and school arrival and dismissal times.
  2. DHS just published: Potential Indicators, Common Vulnerabilities, and Protective Measures: Religious Facilities. This is an new (April 2014) and excellent overview of facility security and emergency planning. Ie used as the agenda for your security/building committee work to plan for the unexpected. There is also a good table with indicators of suspicious activity. Please review the document and act accordingly. 
  3. Law enforcement and Homeland Security leaders recommend that organizations train their staffs and constituencies in security awareness, especially the signs of suspicious behavior — i.e., it just doesn’t look right. If you see something, say something: in New York City-1 (888) NYC-SAFE or elsewhere in NY
  4. Click here for more information on active shooters and armed intruders.

Signs of suspicious behavior:

  • Demonstrating an unusual interest in or unusual questions about security procedures, or engaging in overtly suspicious actions to provoke and observe responses by security or law enforcement officers;
  • Demonstrating an unusual interest in entry points, peak days and hours of operation, security personnel, surveillance assets (including cameras), and access controls such as alarms, barriers, doors, gates, or locks;
  • Demonstrating an unusual interest in security reaction drills or procedures;
  • multiple false alarms or fictitious emergency calls to same locations or similar venues;
  • Loitering, parking, or standing in the same area over multiple days with no reasonable explanation;
  • Unusual interest in speaking with building maintenance personnel or security guards;
  • Attention to or avoidance of surveillance cameras;
  • Interest without justification in obtaining site plans, ingress and egress routes, and information on employees or the public; and
  • Garments not appropriate for the weather or season without a reasonable explanation.

Suggested Protective Measures

  •  Increase visibility of armed security and law enforcement personnel in areas adjacent to and in front of security checkpoints to deter unwanted activity; 
  • Raise awareness among employees by conducting “all hazards” awareness training;
  • Establish liaison and regular communications with local, state, and federal law enforcement, emergency responders, and public health organizations to enhance information exchange or clarify emergency responses;
  • Report missing or stolen equipment, to include weapons, to the proper authorities; 
  • Raise community awareness of potential threats and vulnerabilities; and
  • Encourage employees, tenants, and visitors to report anything that appears to be odd or suspicious.
 If you have any questions you can contact the  JCRC here.

Ebola: updates and info sources

October 20, 2014

ebola ebola-palm-card

Ebola is a severe, often fatal disease that affects humans and some animals. Ebola spreads through direct contact with an infected person’s or animal’s skin, blood or body fluids. It cannot be spread simply by being near someone who is infected. People can be infected by touching objects that contain infected blood or body fluids, such as needles or bed sheets.

Everyone can help to fight “Fear-bola”. Click on the links below for definitive information.

Update| Statement on Patient at Bellevue Hospital, Oct. 27, 2014

Last night, EMS HAZ TAC Units transferred a patient to Bellevue Hospital. The patient, a minor, developed a fever this morning while under observation at the hospital. The patient was in one of the three Ebola epidemic countries in West Africa within the past 21 days.

The patient was transported by a specially trained HAZ TAC unit wearing Personal Protective Equipment (PPE). The patient was not febrile when first examined at Bellevue. The patient developed a fever while at the hospital at approximately 7 a.m.this morning. After consulting with the hospital and the CDC, the Health Department decided to conduct a test for the Ebola virus, because of this patient’s recent travel history and pattern of symptoms. The Health Department and HHC are also evaluating the patient for other causes of illness.

Preliminary test results are expected in the next 12 hours.

As a further precaution, the Health Department’s team of disease detectives has begun to actively trace all of the patient’s contacts to identify anyone who may be at potential risk. The Health Department staff has established protocols to identify, notify, and, if necessary, quarantine any contacts of Ebola cases.

The Health Department is also working closely with HHC leadership, Bellevue’s clinical team and the New York State Department of Health to ensure that all staff caring for the patient do so while following the utmost safety guidelines and protocols.

The chances of the average New Yorker contracting Ebola are extremely slim. Ebola is spread by directly touching the bodily fluids of an infected person. You cannot be infected simply by being near someone who has Ebola.


Ongoing cyberthreats, website defacements

October 15, 2014
A screenshot of the defaced synagogue website.

Recent posts on the ADL Blog and Geektime describes the efforts of an anti-Israel hacktavist group that calls itself “Team System Dz”. While most of the website defacements occurred in July and August, incidents in Florida and New York were reported recently.

The Geektime post explains, “… the team is a group of Arab youth that is looking to teach protection and penetration of sites and services and strive for peace. Their hacks however don’t appear to be looking for peace. The group seems to align itself with Anonymous”. Their inclusion of an “i love you isis” message probably indicates their definition of how to look for peace. The Team’s Facebook page listing their accomplishments was taken down.

Often, visitors to your organization’s website get their first impression of your organization and your members rely on it for good information. To a great extent, your website can be the most important element of your reputation. Treat it accordingly. 

Best practices. It is likely that this group, and others, will continue to try to hack Jewish websites, so all Jewish organizations should work to ensure that they are following “best practices” in order to protect their websites and their reputations:

Website

  • An Institutional should always make the effort to have their Website hosted with a professional Web hosting company and avoid having the Website reside on an Institution or member’s home computer
  • Institutions should meet or conference with their Web hosting service and ask about such things as active back-up of Website, what security measures do the hosting company use to prevent Denial of Service (DoS) attacks and unauthorized Website access. Also ask if they have a disaster recovery procedure that includes someone available as a 24/7 point of contact for emergencies.
  • As with institutional email addresses, an effort should be made to limit and control the number of people Website administrator or Webmaster permissions and policy for password assignment and a schedule for changing passwords.

Computer Systems

  • It is in the best interest of any computer owner to be aware of who has access to their computer, the permissions granted to each account, who has system administrator authorization and who assigns passwords.
  • It is now considered a good practice to segregate general office and bookeeping/member information to the greatest degree possible.
  • If a computer system is connected to the Internet, an institution should consider using a primary carrier (Comcast, TimeWarner, Verizon etc) for Internet service.
  • Companies who re-sell other company’s services should be avoided where possible.
  • It is always prudent to have active and up-to-date firewall, anti-virus and threat detection software.
  • Although not all Websites or personal use of an Institutions computers pose a problem, a basic “no personal use” policy is reasonable.
  • As a general rule users should be discouraged from connecting personal devices, such as phones, iPods, tablet computers and flash drives to institutional computer systems.
  • Downloading of any material form the Internet should be closely supervised to avoid viruses and potential copyright infringement.

System Intrusion

  • Computer system intrusion can happen in a variety of ways: access in an unauthorized manner, by an unauthorized user, internally by a member of the institution or externally by the public.
  • Advanced software can alert a system administrator if an unauthorized access has been attempted. Older systems may require a regular manually review of computer logs to detect unwanted access.
  • Computer logs and advanced software, if properly configured, can indicate which computer files, if any, have been accessed. A policy should be established to inform members if files containing personal or sensitive information have been exposed. It is likely best to err on the side of caution in such situations.
  • Unauthorized computer access is potentially a criminal act. System intrusions rarely happen by accident and, as such, it is best to assume the person violating the system is seeking something. As with Website hacking, those perpetrating a system breach, likely know they are breaking the law and may have motivation to justify that risk.
  • As soon as a system intrusion is detected the system administrator must be contacted immediately. Subsequent contact to law enforcement and FBI (http://www.ic3.gov/default.aspx) computer crime specialists would not be an unusual next step.

Mobile Devices (smartphones, tablets, gaming and media players)

  • Due to the recent emergence and proliferation of smart mobile communication devices and mobile computing, there is at this time very little anti-virus or anti­-malware protection for mobile computing devices. Mobile devices should only be granted access to institutional systems under the supervision of an experienced service provider, who clearly understands the security needs of a Jewish institution.

Event Response

Website Hacking

  • Website hacking can take a number of different forms and can happen for a variety of reasons. For this document we are defining a hacking as; Activity in the secure section of a Website that is not the result of action by an authorized individual. How the hacking occurs is secondary, here we are discussing what to do afterward.
  • We suggest contacting the hosting company for the Website as soon as the incident is discovered. The hosting company will need to preserve a copy of the hacked page(s) and copies of all relevant server logs. The hacked page(s) need to be removed as soon as possible in case malware is involved and also to limit the hacker’s usual main objective – to gloat.
  • Report the event to the police and FBI (http://www.ic3.gov/default.aspx) promptly. Provide them with a copy of the material left by the hacker especially if it involves threats or hateful language.
  • Restore the Website from back-up copy of the Website, but only after the hosting company or ISP acknowledges the issues relating to the hack have been addressed.

Distributed Denial of Service Attack (aka DoS attack)

  • DoS attacks are the simplest and most common form of cyber-attack. A DoS attack is a coordinated effort by a group of computers to request access to a Website. This and creates a situation where no one can access the Website or that the contents are delivered very slowly. , In many cases a Website hosting company will shut down a Website temporarily rather than create a problem for their other customers. If a Website is the potential target of attacks, the Website hosting company should be made aware of the situation and can offer solutions.

Additional resources