A joint effort by the Computer Emergency Response Teams (CERT) from India, the United States and the United Kingdom helped the National Investigation Agency (NIA) extract crucial online chats of key Indian Mujahideen (IM) members with the al-Qaeda.
The IM is not only banned in India but also in the United Kingdom and New Zealand. In the United States, the outfit is listed as a Foreign Terrorist Organisation under the Immigration and Nationality Act and also declared a Specially Designated Global Terrorist under an Executive Order.
The NIA claimed to have achieved a major breakthrough in August 2013 with the arrest of accused Mohammad Ahmed Siddibapa alias Yasin Bhatkal and Asadullah Akhtar near the Indo-Nepal border in Bihar.
During interrogation, Yasin purportedly disclosed that he used Internet chat tools to contact the outfit founder Riyaz Bhatkal (operating from Pakistan) and other key members. It is alleged that he identified one such Yahoo mail ID as “hbhaddur.”
The NIA charge sheet, filed recently in a general case against the outfit for hatching a conspiracy to wage war against India, states that attempts were made to extract the contents of the communication made through the mail ID. However, as it was being operated from Nepal, the website’s security features demanded answers to certain questions, which the accused failed to recall.
The agency approached CERT-India, which functions under the Communications and Information Technology Ministry, for assistance.
“On September 2, 2013, CERT-In was approached... to undertake the process of recovery of the e-mails disclosed by the accused, as well as to obtain certain details from CERT-US, and CERT-UK, following up on the information obtained from Yahoo! Inc,” says the charge sheet.
One of the ways suggested was to access the email through a computer with Nepalese Internet Protocol (IP) address through remote-access software.
The CERT also helped the NIA obtain email/chat account details of Asadullah Akhtar alias Haddi. The charge sheet records that the experts helped extract chat/email details of four IDs used by Yasin: “jankarko” and “hbhaddur” for chats allegedly with Riyaz Bhatkal; “Ahaddad29” for chats with another outfit cadre Afeef; and “Halwa.wala” for chats with one Sultan.
Contents of two other IDs allegedly operated by Haddi: “kul.chitra” and “spent_those11” were also extracted by a CERT-In scientist in the presence of two independent witnesses.
Through another popular web-chat service, the NIA obtained more contents of an account allegedly used by Riyaz for conversations with Haddi.
Fake names
Investigations revealed that the accused persons created chat accounts under fake names using proxy servers to hide identities and locations. They passed on the account details to one another either in coded language or through encrypted files.
The chat contents revealed that Riyaz and other Pakistan-based operatives briefed each other about the outfit’s developing association with the al-Qaeda.
