Independence Day special: Are Indian security agencies prepared to tackle the challenge?
From propaganda and recruitment to giving lessons in bomb-making and plotting attacks, terrorists have taken to the internet in a big way.
In 1980, when an angry Syed Abdul Karim Tunda decided to do something to prevent the anti-Muslim communal violence, he began visiting mosques frequented by followers of Ahle-Hadees, a puritanical strain of Islam, in Bhiwandi near Mumbai and delivered speeches about atrocities committed against Muslims. He urged young worshippers to wage jihad. Two teenagers from Delhi, Abdul Haq and Abdul Wahid, were inspired and decided to join Tunda, who went on to become a dreaded bomb-maker for the Lashkar-e-Toiba (LeT). Their module was accused of engineering a series of bomb blasts in the 1990s.Tunda, now 72, was arrested last year while on a similar talent hunt near the border with Nepal.
More than three decades after Tunda's first recruitment drive, it was far less complicated for Sultan Salfi, a member of the banned Indian Mujahideen (IM) suspected to be in Pakistan, to persuade young men to join his cause. Salfi, under the assumed identity of 'Musa', ran a Facebook discussion forum that delved into Islam, jihad and the rule of Islam, and through it established contact with four engineering students from Jaipur, all between 18 and 22 years. The young men, all arrested now, were seeking answers to questions about Islam. Musa chatted with them about the condition of Muslims in India and motivated them to take to violence. Once Musa realised that they were ready for jihad, Riyaz Bhatkal, IM's lynchpin in Pakistan, used a fake identity on Paltalk messenger to get in touch with Tehseen Akhtar, a top operative of his organisation in India, and directed him to contact the Jaipur youths. Akhtar went on to teach them to assemble explosives.
From Tunda to Salfi and Bhatkal, the motives of terrorism have remained the same, but the methods have changed drastically. Today, geographic or political boundaries are no barriers to identifying and exploiting a potential convert. The tact, investigators say, lies in spotting talent in internet chat rooms instead of hopping between madrasas, giving fiery sermons, waiting for young men to take the bait, indoctrinating them and motivating them to take the plunge.
This is the scary new world of 'internet jihad', as security agencies loosely call it. It is a virtual world of wannabe extremists, willing to flirt with danger and more than willing to take a risk as long as dying is not part of the deal. Their missions invariably involve making a bomb, planting it and melting away. This is what enabled the likes of IM co-founder Yasin Bhatkal to roam the country for years, undetected and emboldened by each carnage.
Tool for easier recruitment
The use of internet to radicalise and recruit is a worrying trend globally, with investigating agencies finding it difficult to counter it legally using sovereign laws. In the latest instance, 18 Indian youths are reported to have joined the Islamic State (IS) in Iraq. Last year, an Indian national from Singapore allegedly joined these IS rebels in Syria while a man from Srinagar settled in Australia is also believed to have travelled to Syria.
Investigators first noticed the use of the internet for terrorism in India in 2004-05. The medium was initially used for propaganda and communication between cadres but in the last decade terrorist organisations have started using it to recruit, propagate and communicate.
"The internet is not replacing the need for individuals to meet in person during the radicalisation process. But it complements inperson communication," says an Intelligence Bureau official who did not want to be named. Yasin Bhatkal's statement to the National Investigation Agency (NIA) gives credence to this opinion: "Yasin says he used to motivate Muslim boys by narrating stories of fighters who had done jihad in the past. He had downloaded documents that portrayed jihad as obligatory for every Muslim.
He had downloaded lectures of Muslims leaders and fighters such as Osama bin Laden, Al Yazeed, Al Zarqawi and Awlaqi. He made Muslim boys watch these videos and read the documents to them, to motivate them for sacrificing their lives for jihad (sic)." "Yasin also taught them how to prepare explosives and IEDs. For this purpose, he had downloaded a number of documents and videos from Internet and saved them on his Samsung laptop."
Plotting in bits and bytes
Security agencies first suspected the IM for the September 7, 2011 bomb blast outside the Delhi High Court. But the trail of the email that claimed responsibility for it led investigators to Kishtwar town in Jammu and to a medical student, Wasim Akram Malik, 21. The NIA, which investigated the case, described Malik as an "avid Internet user" and a believer in "leaderless jihad". The blast, which killed 15 people and injured 79, was aimed to deter the government from hanging Parliament attack convict Afzal Guru. Wasim's was a freelance, self-motivated initiative. He had sourced explosives with the help of HuJI militants Amir Kamal and Chhota Hafiz, both killed by security agencies after their name cropped up in NIA investigations.
In 2012, a terror group busted in Bangalore was allegedly planning killings of prominent personalities such as VHP leader Praveen Togadia. The group had spread in four states and the 12 men who were arrested were picked up from Bangalore, Hubli, Hyderabad and Nanded in Maharashtra. According to the NIA, the young men were recruited through social networking sites and handed over to LeT commander Abdul Bari, believed to be operating from Saudi Arabia and wanted in the Hyderabad Sai Baba temple blasts of 2002. Maps and photographs seized from them revealed they had conducted surveillance of their potential targets.
This loosely knit network included Obaid-ur-Rehman of Hyderabad, who later recruited Syed Maqbool and Imran Khan. The latter duo allegedly reported to IM boss Riyaz Bhatkal and had a role in the 2012 Pune blasts. Bhatkal used to instruct them using fake internet chat IDs created on proxy servers. The 26/11 attack was among the most sophisticated terror operations.
The 10 attackers who held India's commercial capital hostage for nearly three days in November 2008 were getting instructions through VoIP (Voice over Internet Protocol) from Pakistan. To make their way into India, they had used GPS trackers tuned to the logs provided by Pakistani-American LeT operative David Coleman Headley, who had scoped the targets over a span of three years. Headley and his LeT handlers in Pakistan used a new method of communication involving complex codes in emails.
Hidden in these codes were plans- attack Mumbai and then bomb the offices of Jyllands-Posten, a Danish newspaper that had published cartoons of Prophet Muhammad, in Copenhagen and Arhus.
A Network of deception IM had kept investigators on their toes for nearly three years after its inception, sending emails claiming responsibility for every bombing.
Initially, security agencies did not take the emails seriously. But the plot unravelled in 2008 when IM operatives were arrested in Delhi, Mumbai and Pune. Among them was software engineer Mansoor Ahmad Peerbhoy, who allegedly ran the group's media cell. Here is a sample of IM's use of the internet for its attacks: Four days before the Ahmedabad blasts on July 22, 2008, Riyaz and Iqbal Bhatkal wrote a note in Urdu.
Mansoor translated it into English and created a PDF file. An email ID, al-arbi_gujarat@yahoo.com, was created and 15 minutes later, the group used the unsecured wi-fi of US national Ken Haywood in Navi Mumbai to email the note claiming responsibility. The emails were also pasted on Scribd.com to start a discussion and the same is used as 'recruitment material'.
In a chat with fellow IM members, Yasin Bhatkal talked about using 'Freegate' to develop a proxy and mentioned Filehippo.com, a website believed to offer software that helps open encrypted files.
After his arrest in 2013, it was revealed that Yasin used to chat with Riyaz through Nimbuzz using identities hbahadur@yahoo.com, khalida.k@nimbuzz.com, bahoo23 (MiG33 ID), mail77@yahoo.com, jankarkoo@yahoo.com. The language of the chats was coded and files were encrypted. On Yasin's laptop, NIA sleuths found a file named 'RDX' and 'How to make TNT'. The folders purportedly downloaded from the internet and saved in coded files were allegedly used to experiment with newer types of explosives.
Moving Money Legally
Recent arrests show that terrorists' finance networks are fluid and informal. Until now, money was sent through hawala agents but increasingly, they are using legal channels. This presents a challenge as agencies have to find a suspicious transaction from among hundreds. As Yasin has revealed, Riyaz would often send him money through Western Union. Security agencies, however, say terrorists continue to use hawala agents extensively to fund their cadres and most of it is routed through Dubai.
TRACING THE TERROR FOOTPRINT The increasing use of technology by terror groups has made the task of investigators tougher. When foreign tourists were attacked outside the Jama Masjid in Delhi ahead of the 2010 Commonwealth Games, the IM email claiming responsibility was routed through servers in Canada and Pakistan. "This is called onion routing. Messages are repeatedly encrypted and sent through several network nodes called onion routers. The servers can be located in five countries and by the time you start probing the IP address of the last location, you realise it has been routed through four other countries," explains a counterterrorism expert.
Since this involves investigations on foreign soil, agencies are required to send letters rogatory unless there are mutual legal assistance treaties. "This makes our task difficult. Interception of email IDs and chats is tedious and complex. It is also difficult to crack messages sent using WhatsApp, Viber, Skype. Encrypted messages make communication secure and antinational elements use this to even stoke communal tension, as we saw in some cases in western UP," says a senior Uttar Pradesh ATS official.
Investigators had some success recently when they infiltrated chat rooms of a terror module. Two alleged Pakistani terrorists, Abdul Waleed alias Murtaza and Faheem alias Mohammad Owais, were lured into a chat room and eventually arrested by the UP ATS from Gorakhpur in March. NIA chief Sharad Kumar says investigators could gain if they get access to the technology used by terrorists. "These are complex issues that must be resolved urgently.
For long, we have been asking Google, Yahoo and others to establish their servers in India," he says. Karnail Singh, a former head of Delhi Police's Special Cell now with the Enforcement Directorate, feels the Government should examine new technology before it is introduced here. "Any new technology should be examined for its implication on national security," he says.
The rise of 'cyberterrorism' has started a cat-and-mouse race between terror groups and security agencies. And so far, the tech-savvy terror operative seems to have the upper hand.
Follow the writer on Twitter @rahultripathi
To read more, get your copy of India Today here.