The NJCCIC assesses that heightened geopolitical tensions and military confrontation in the Middle East significantly increase the risk of offensive cyber operations by both nation-states and those sympathetic to them and their ideology. While the primary targets of these cyber activities may be the entities in the conflict, the interconnected nature of our global digital infrastructure means that organizations in New Jersey, regardless of size or sector, could become indirect targets or experience cascading effects.

Recommended Precautions and Vigilance:

While the NJCCIC has not identified any specific or credible cyber threats to New Jersey’s public or private sector cyber infrastructure at this time, we are advising all members to review and reinforce their cybersecurity posture, including taking the following actions:

• Review Incident Response Plans: Ensure your organization’s incident response plan is up-to-date, tested, and understood by all relevant personnel. Confirm communication channels with internal and external stakeholders (e.g., law enforcement, NJCCIC).
• Enhance Network Monitoring: Increase vigilance over network traffic for anomalous behavior, unusual login attempts, and suspicious activity, especially on critical systems and external-facing assets.
• Patch and Update Systems: Immediately apply all critical security patches and updates to operating systems, software, and firmware, prioritizing internet-facing systems and those within critical infrastructure.
• Strengthen Authentication: Enforce Multi-Factor Authentication (MFA) for all accounts, particularly those for remote access, privileged accounts, and critical business applications.
• Review and tighten access controls, adhering to the principle of least privilege.
• Review External Connectivity: Scrutinize and secure all external connections to your network. Disable or restrict access to unnecessary services, ports, and protocols.
• Back up Critical Data: Ensure all critical data is regularly backed up offline or in a segregated environment and that recovery procedures are tested.
• Conduct Employee Awareness Training: Remind employees about the heightened risk of phishing, social engineering, and misinformation campaigns. Emphasize vigilance against suspicious emails, links, and attachments.

  The NJCCIC will closely monitor the evolving cyber threat landscape and provide further updates as new intelligence becomes available. We encourage all members to report any suspicious cyber activity or confirmed incidents to the NJCCIC immediately. Please do not hesitate to contact the NJCCIC at njccic@cyber.nj.gov with any questions. Also, for more background on our recent cybersecurity efforts, please visit cyber.nj.gov.

Source: NJCCIC Advisory, June 13, 2025