On December 13, dozens of bomb threats were received at multiple locations across the United States and in several other countries, including Canada, Australia, and New Zealand. The bomb threats were sent by email to universities, courthouses, newspapers and multiple business sites. They threatened that bombs had been planted in the building and would be exploded if payment was not made by the end of the day. The extortion demanded payment by bitcoin.
As reported by CNN, it is unclear whether the bomb threats were identical. As reported by KrebsOnSecurity, the bitcoin address was different between emails. Nonetheless, per the Washington Post, the emails seem to be similar, and to have been delivered by a robo-email spam generator that masks the identities of senders.
Authorities have investigated the bomb threats. The NYPD Counterterrorism unit issued an official response indicating that the threats were not credible. The FBI has similarly maintained that they are investigating the bomb threats but do not consider them to be credible. Nonetheless, they recommend that “the public remain vigilant and promptly report suspicious activities which could represent a threat to public safety."
Building evacuations and police investigations disrupted daily activities. As the threats were not deemed credible, normal operations resumed thereafter. Per CNN, the search for the originator of the bomb threats is ongoing.
ACA Aponix Guidance
ACA Aponix recommends taking the following actions regarding bomb threats, email extortion, and similar issues:
- Treat all bomb threats seriously. Maintain close contact with local and federal authorities and follow the instructions they provide.
- Make sure that business continuity plans, disaster recovery plans, and incident response plans are reviewed and up to date. Include specific instructions that cover likely situations involving multiple threat scenarios. Develop plans to handle and rapidly assess situations to minimize business interruption.
- Develop and follow response planning specific to extortion, ransomware, and similar efforts of bad actors.
- Provide continual training to staff to help recognize and prevent social engineering, phishing, and related cyber threats.
How ACA Can Help
ACA Aponix offers the following solutions that can help protect your firm and your employees from threats, vulnerabilities, or related cybersecurity risk:
- Cyber incident response planning and tabletop exercises
- Phishing testing and cyber awareness training
- Threat intelligence
- Penetration testing and vulnerability assessments
- Cybersecurity and technology risk assessments
For More Information
If you have any questions, please contact your regular ACA Aponix consultant, or email us at firstname.lastname@example.org