New hack attack on websites

August 19, 2012

For those of you with websites.

The problem

There is a relatively new attack on websites hitting MySQL. If you don’t understand this, check with your techie or your ISP to confirm if your website is vulnerable.

How do you know that you’ve been compromised? Google is ever alert and will mark your site as “dangerous”. Websites/web hosting companies subscribe to “blacklists” of such sites. Firefox and Chrome check the blacklists before going to a site and will tell a user, Warning – visiting this website may harm your computer!”.

Once your site is hacked it must be “cleaned”. After doing so, you can notify Google, request that it be removed from the blacklist and 3 to 24 hours later the site will be unblacklisted.

Best practices

  1. Make regular backups of your website. Even if your ISP takes care of this it couldn’t  hurt to have another.
  2. Your website probably has all kinds of access passwords (FTP, SQL administration, etc.). Make sure that you have strong passwords at every option. This usually includes multiple words, mixing capital and lower case letters and using numbers and symbols. See this Consumer Reports article for more explanations and tips.

Again, active shooters

July 20, 2012

Our thoughts and prayers are with the victims of the shootings in Colorado. The greatest horror is the realization that such incidents are all-too-easy to commit. How should organizations plan to protect their students, staff, congregants and others?

Recommendations (scroll down for resources)

There are no perfect solutions, but planning and training can mitigate active shooter incidents. The first step is maintaining good access control. Keeping someone who wants to do harm outside is the best way of protecting those inside.

  • Evacuate: Building occupants should evacuate the facility if safe to do so; evacuees should leave behind their belongings, visualize their entire escape route before beginning to move, and avoid using elevators or escalators.
  • Hide: If evacuating the facility is not possible, building occupants should hide in a secure area (preferably a designated shelter location), lock the door, blockade the door with heavy furniture, cover all windows, turn off all lights, silence any electronic devices, lie on the floor, and remain silent.
  • Take Action: If neither evacuating the facility nor seeking shelter is possible, building occupants should attempt to disrupt and/or incapacitate the active shooter by throwing objects, using aggressive force, and yelling.
  • Other considerations?
    • Train building occupants to call 911 as soon as it is safe to do so.
    • Train building occupants on how to respond when law enforcement arrives on scene.
    • follow all official instructions, remain calm, keep hands empty and visible at all times, and avoid making sudden or alarming movements.

Summer camps

Summer camps bring special challenges, especially when the campers are young. Planning and training may be even more critical, but the general guidance remains:

  • Evacuate. Staff should know your plan and be able to evacuate to a safer area, if possible. It will be difficult to run with groups of young children.
  • Hide. Summer camp structures are rarely constructed in a way to withstand an attack by a determined intruder and they rarely have heavy furniture that might be used to blockade a door. If no secure structure is available, consider designating scattered, but assigned, assembly points for each small camper group. By making an intruder search for victims (over many acres of campgrounds)  this tactic buys some of the  time necessary for help to respond. Staff should be prepared with “quiet activities” alternatives. This is a situation when good communication can be the difference between life and death.
  • Take action. The actions available in summer camps are dependent on the ages and abilities of the groups involved.

Resources

NYPD adds extra patrols after Bulgarian attack

July 18, 2012

There is a possibility of copycat attacks. Jewish organizations are advised to increase their level of vigilance. From WNBC News:

The NYPD is putting extra patrols and security in place in Jewish communities and synagogues Wednesday, after a deadly explosion on a bus in Bulgaria carrying Israeli tourists, department spokesman Paul Browne said.

Four people were killed and at least 30 injured in the explosion at an airport in Burgas, which Bulgarian officials did not confirm as terror-related but which the Israeli prime minister blamed on Iran.

The stepped-up security in New York is precautionary, Browne said.

Schumer, Gillibrand on Homeland Security grants.

July 10, 2012

SCHUMER, GILLIBRAND SECURE OVER $3.4 MILLION TO IMPROVE EMERGENCY PREPAREDNESS FOR 42 AT RISK JEWISH SCHOOLS AND CONGREGATIONS

Schumer and Gillibrand Secured over 30% Of Total Funding For Organizations Based in New York Out of the Total $10 Million Granted to Awardees Across the Country

The Awardees Include 42 Jewish Educational Institutions and Congregations; The Money Will Help These At-Risk Nonprofits For Security Preparedness

Schumer, Gillibrand: These Schools and Congregations are Vital Parts of our Community – the Grant Money Will Go To a Good Cause

U.S. Senators Charles Schumer and Kirsten Gillibrand today announced that 42 New York Jewish organizations, including schools and congregations, have received a combined total of $3,419,184 for the 2012 fiscal year as Urban Areas Security Initiative (UASI) Nonprofit Security Grant Program (NSGP) Awardees. The program, run by the Federal Emergency Management Agency, awards federal funds to nonprofit organizations that are at a high risk of a national terrorist attack to encourage preparedness efforts.

Read More Schumer, Gillibrand on Homeland Security grants.

NY has 43 Nonprofit security grantees receiving $3.1 million

July 02, 2012

On Friday FEMA released its Fiscal Year 2012 Preparedness Grant Programs Allocation Announcement. This year the United States Department of Homeland Security allocated a total of $10,000,000 in funding support for target hardening and other physical security enhancements and activities to nonprofit organizations that are at high risk of a terrorist attack and located within one of the UASI-eligible urban areas.

Once again close to 1/3 of the grants ($3,119,184) went to NY organizations. The total  will be split among 43 New York nonprofits (Evidently, FEMA removed the results information from its website).

The  NY Division of Homeland Security and Emergency Preparedness will administer the grants and will send out letters to all applicants as soon as they receive the official notification from D hopes to schedule a pre-contract seminar in August.

NY Nonprofit grant applications submitted. Results? Maybe June 29th.

June 13, 2012

Progress report. After ranking each completed (not all were) application, New York’s Division of Homeland Security and Emergency Services (NY DHSES) submitted a record 283 Nonprofit Security Grant Program (NSGP) files (Investment Justifications) to the U.S. Department of Homeland Security (DHS) for final review. Nationally, there will be a total of $10 million in grants this cycle.

According to Rob Goldberg of the Jewish Federation of North America’s Washington office, DHS could announce the grant award results as early as June 29th. After the results are released it could take as long as 90 more days, or until September 30th, before all of the project requirements are in place and satisfied and the funds are approved for release to the nonprofit applicants. NY DHSES cannot officially notify applicants based on the original announcement, but will do so after they receive the official paperwork. We will stay in touch with the JFNA, DHS and NY DHSES officials and provide updates on the timing.

Prospects for 2013. Last year, the NSGP (along with other DHS local grant programs) took a significant hit, reducing the total NSGP funding to $10 million, nationally (down from $19 million). Once again, the upcoming federal budget battles will create challenges for the program. Fortunately, due to Rob Goldberg’s Herculean efforts, the Senate provision specifically allocates $13 million for the NSGP (a $3 million increase over FY2012). The weaker House provision includes no specific funding for NSGP, which would leave the program vulnerable to being zeroed out or further diminished in FY2013. Similar language in FY2012 left a number of state and local grant programs without funding.

Kudos to the movers and shakers. The fact that there is a FY2012 program and there might be one in FY2013 is due to the ongoing work and incredible professionalism of a coalition, led by The Jewish Federations of North America/JFNA (with JCRC-NY and UJA-Federation playing active roles) and its Senior Director, Legislative Affairs, Rob Goldberg. The JFNA Washington Office, directed by William Daroff, is the lynchpin in this process and deserves our collective thanks. Jarrod Bernstein, Director of Jewish Outreach at the White House, has been helpful above and beyond the call of duty.

We owe a special debt of gratitude to those dedicated public servants who actually administer the grants and answer our questions at the NY DHSES, especially Shelley Wahrlich, Steve Tierney and Valerie Bloomer. This program could not be successful without their dedication, patience and expertise.