NJOHSP, through its New Jersey Shield program, and the U.S. Secret Service National Threat Assessment Center’s (NTAC) Newark Field Office, are hosting a workplace violence prevention seminar on April 8, 2025, featuring NTAC’s latest efforts to develop best practices for implementing behavioral threat assessment programs. Participants may attend either in person (if space permits) in Hamilton, NJ, or virtually, which is highly encouraged. Registration is required.

The seminar will highlight research findings and explore the implications of targeted violence in our communities, while also providing guidance on proactively identifying and intervening with individuals who display threatening or concerning behaviors as early as possible.

The event is designed for:

• Law enforcement
• First responders
• Analysts
• Educators
• Mental health specialists
• Healthcare professionals
• Public safety and security personnel
• Government partners
• Workplace violence program coordinators
• Business continuity planners
• Community support program members
• All partners of the New Jersey Shield and Global Shield Network 

New Jersey Shield, a collaborative effort between NJOHSP and the New Jersey Regional Operations and Intelligence Center, serves as a centralized location for members to receive counterterrorism, cybersecurity, and emergency preparedness information and resources. The initiative partners with similar programs worldwide. Members report suspicious activity, share subject matter expertise and best practices, aid in identifying preparedness and resiliency gaps, and assist in developing solutions.

NTAC conducts research on the thinking and behaviors of individuals who commit acts of targeted violence and produce guidance and recommendations to prevent future tragedies.

The Global SHIELD Network is a collaborative law enforcement and intelligence initiative that partners with public and private sectors to prevent crime and terrorism and enhance public safety. It connects agencies worldwide, facilitating relationships, information sharing, and global distribution.

In late January 2025, the Center for Strategic & International Studies (CSIS), a bipartisan policy research group, published an assessment examining U.S. incidents over the past 30 years. The report concluded that terrorism carried out by foreign terrorist organizations (FTOs) is not on the rise. The study analyzed 740 terrorist attacks and plots in the U.S. from 1994 through January 1, 2025, including 140 attacks and plots it labeled “jihadist.”

The report yielded three main findings:

• The number of “jihadist” plots and attacks has decreased since 2019.
• The lethality of the attacks decreased.
• FTOs are not conducting direct attacks but inspiring individuals to commit mass casualty attacks. The biggest threat from FTOs remains their ability to inspire lone offenders.

The report concludes that while groups such as ISIS and al-Qa’ida are not directly orchestrating attacks on the U.S., they have filled a more “inspirational role” with individuals carrying out lethal attacks alone, as witnessed in the recent New Year’s Day vehicle ramming attack in New Orleans (photo above). As a result, the report concluded that counterterrorism efforts against FTOs overseas should continue.

Analyst Comment: The CSIS assessment is consistent with NJOHSP Analysis Bureau observations and assessments. While directed attacks by FTOs are minimal in the U.S., their influence on supporters is consistent, particularly those that support ISIS. While homegrown violent extremist (HVE) arrests have decreased since the fall of ISIS’s caliphate, the group continues to inspire support in the U.S. Despite ISIS’s defeat in 2019, the group still inspired 78 percent of all HVEs.

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) recently reported increased phishing attempts targeting NJ State employees by impersonating the IRS. Proofpoint analysts noted a rise in tax-themed phishing campaigns, particularly as tax deadlines approach in the U.S. and the U.K. Likewise, these campaigns were also observed targeting NJ State employees. These phishing attempts typically impersonate government or financial organizations connected to tax filing. In early January 2025, Proofpoint identified hundreds of malicious domains linked to tax-related campaigns, many of which impersonated legitimate companies.

One campaign observed on January 16 impersonated Intuit but used a generic sender with a URL directing users to a fake authentication page to harvest credentials. The campaign delivered 40,000 emails and impacted over 2,000 organizations.

While most tax-themed campaigns typically focus on credential phishing, some were also observed delivering malware. A separate campaign impersonated a tax software company that distributed two malware payloads via a JavaScript file hosted on Microsoft Azure, leading to the deployment of Rhadamanthys malware and zgRAT. Additionally, various unrelated campaigns impersonating tax agencies and software have been observed attempting to deliver different malware payloads, including MetaStealer, XWorm, AsyncRAT, and VenomRAT.

Recommendations:

• Beware of communications claiming to be from the IRS. The IRS does not contact individuals by phone, email, or text message to solicit information or money. Instead, the IRS sends notices and bills through postal mail.
• Facilitate user awareness training to include these types of phishing-based techniques.
• Avoid clicking links, opening attachments, responding to, or acting on unsolicited text messages or emails.
• Type official website URLs into browsers manually.
• Ensure multifactor authentication is enabled for all online accounts.
• Leverage behavior-based detection tools rather than signature-based tools.
• Find tactics, techniques, and procedures, technical details, and indicators of compromise in the Proofpoint blog post.
• Report phishing emails and other malicious cyber activity to the Federal Trade Commission, the FBI's IC3, and the NJCCIC.

The Grants Management Bureau (GMB) has reviewed and prioritized all federal fiscal year 2024 Nonprofit Security Grant Program – National Security Supplemental applications. The grant provides funding support for facility hardening and other physical security enhancements and activities to nonprofit organizations that are at high risk of terrorist or other extremist attack. The application information and prioritization sheets have been submitted to the Federal Emergency Management Agency for review.