Sunday, November 13, 2005

Big Story: Digital warzone

Hindustan Times Aditya Sinha and Shreevatsa Nevatia

Call it the darker side of the infocomm revolution. The 29/10 Delhi blasts, the 7/7 London blasts and this week’s Jordan blasts were coordinated by cellphones; mobiles were used to detonate last year’s Madrid blasts. The internet is how terrorists recruit cadres and blueprint attacks; about 10 days ago, al Qaeda advertised on the web for software engineers and the response was favourable.

The battlefield between our spies and trans-national terrorists is now a complex digital web of bits, bytes and photons; their traditional cat-and-mouse game could become an anachronism given infocomm’s speed of light. And though, according to Ajai Sahni of the Indian Institute for Conflict Management, in the two years preceding 29/10, India recorded 44 instances of intelligence successes on the digital battlefield, leading to arrests and neutralising of plots, we have a long way to go. India has 60 million mobile users and about 6 million internet connections; the government’s target is 250 million mobiles by 2007, and internet penetration 10 million. In the resulting sea of data, is India equipped to zero in on terrorists and prevent future 29/10s?

Terrorists use infocomm technology for three basic purposes: communication, planning and propaganda. And in all this, they always seem to be a step ahead of our spies. Sahni gives an example: “Cellphones were introduced in Tripura only a year ago, but before that terrorists were using Bangladeshi numbers because of that country’s proximity.” Similarly, along the Pakistani border terrorists have used Pakistani sim cards as their “repeaters” (the towers that relay signals) are close to the border.

But with the authorities being able to scan and identify cellphone conversations – often they have to rely on HUMINT (human intelligence), where a terrorist who’s been caught is made to give the list of numbers of contacts and commanders – terrorists have moved on to two safer modes of communication: satellite phones (satphones) and the internet.

Thuraya handsets are common among jehadi commanders, sources say, and the signal has a high encryption; even if someone listens in, unless they can decrypt it, they won’t be able to listen in on the conversation. Thuraya, a UAE-based company, is obviously not going to hand over the codes, so our eavesdroppers are always looking for innovative (but secret) ways to decode satphone conversations.

On the internet, there are several methods. Subimal Bhattacharya of Argus Integrated Systems points to two ways in which the net is used: steganography and false emails. Steganography, in which messages are hidden inside image files, was used by the conspirators in the 2001 Parliament attack case, as well as by al Qaeda post-9/11.

False emails are messages that are not actually despatched: several terrorists will have the password to one email account, and one of them will write an email and save it as a draft. The others will then logon to the same account and read that draft, the communication happening without an email being sent. Our spies are looking for ways to crack this method.

Sources talk of some other methods: sending emails wherein the message has been sent in the font of an esoteric language, and using freely available high-encryption systems. Says a hacker who’s worked with the agencies: “Blowfish is an algorithm that helps a person write an encryption software. Using it, data can be encrypted up to 1024-bits, so even if you catch an image on the net, it would take 40 days with our best computers to decrypt it, by which time the message will likely become useless.”

Terrorists have also updated the traditional espionage concept of “dead drops”. Read a John le Carre novel and you’ll know that refers to a note hidden in some pre-arranged public place (like a telephone booth, or a restaurant toilet). Now there are digital dead drops, which is referred to as “deep web”.

An example of deep web: Al Qaeda goes to a 20-year-old HT archive, picks out an innocuous link such as ‘polio eradication in Haryana’, and hacks into the link to tag their message along side it. Al Qaeda’s entire guerrilla manual was found in deep web this way, and since Lashkar-e-Tayyeba is allied to al Qaeda, our spies are constantly looking for their needle in the digital haystack.

Terrorists also use remotely controlled computers called “bots”, Bhattacharya says, and these allow emails to be sent from an account without the knowledge of the account-holder. “There are also websites like that allow you to send anonymous emails and SMSs,” he says.

The biggest threat nowadays is realtime communication over the net. Sources tell of hearing terrorists on phones saying “Chat pe aa jaa”; they then create a chat room, talk, and dissolve the chat room when they’re done. That leaves our spies with no time to hack in and listen. Even worse is the new trend of Voice-over Internet Protocol (VoIP), which the government will now legalise. When a person speaks, the computer turns the voice files into digital files, encrypts it, and sends it across. All in real time, leaving no scope for listening in and decrypting a conversation before it is over (and it is too late)

The Americans use their National Security Agency for digital eavesdropping on terrorists, and in terms of manpower and budget, it’s the USA’s largest intelligence agency. Their SIGINT (signals intelligence) is conducted through an array of satellites and optic fibre networks: the NSA listens to every piece of noise. Its motto: “In God we trust, all others we monitor”.

At the moment, India’s SIGINT is done by the Research and Analysis Wing (RAW). Sources say there is an effort to forgo “passive monitoring”, and engage in “proactive monitoring”. “Till 1998, terrorists used wirelesses which we could listen in on. But in the next five years, they’ll be using internet in remote mountainous corners of Doda through WLL or PDAs,” says an expert. “We need to anticipate and break into their connections rather than wait for them to communicate.”

India is setting up its own version of the NSA. A ministerial recommendation after the 1999 Kargil intrusion saw, in 2003, the creation of the National Technical Facilities Organisation (NTFO), its roadmap drawn up by A.P.J. Abdul Kalam (before he became President). It is still being set up; Government sources say a massive recruitment drive for engineers, mathematicians, computer scientists and linguists is to begin soon (they are still training their recruiters). Headed by former RAW special secretary R.S. Bedi, the NTFO will have a staff in the thousands, an annual budget of about Rs 700 crore with which to buy satellites and the latest computers.

At the moment, much of India’s SIGINT is handled by RAW; “Electronic intelligence works as an adjunct to HUMINT (human intelligence),” it is said. At the moment there are three big problems: lack of manpower (engineers would rather spend their lives in the private sector), lack of funds, and the government’s tedious procurement process.

In an age where technology advances every few months, by the time the government floats a tender for an expensive piece of high-tech equipment and gets it, it would have become obsolete, allowing terrorists to stay one step ahead. “We need to be able to say that the Israelis have this equipment, we need it, go out and get it right now,” says a source. “Sure there are risks, but do they outweigh the need to keep terrorism in check?”

Not that the existing agencies are happy that the NTFO is being set up to feed them with technical intelligence: word is they are skeptical that “a bunch of scientists” with no operational training can sift through the oceans of data for vital scraps of intelligence.

By way of example, sources speak of a source developed in the office of a corps commander of a foreign country. He was a sweeper. He spoke to his handlers about a book the officer kept near his phone, that he thumbed each time he was on the phone. Was it in English? The sweeper said yes, and the handlers thought it might be a directory of army phone numbers. But when the sweeper got the book, it turned out to be a dictionary! Moral of the story: intelligence agents will do better digital eavesdropping.

— With Mayank Tewari and Brinda Suri


Anonymous Anonymous said...

Terrorism has occurred for centuries and will occur in future. Preventing terrorists to communicate at the last stage of an attack, with the best technology is useless. Nothing has been done to look into the cause, of why terrorism evolves in a country. Well but somethings do need to be said, don't they.

December 11, 2005  

Post a Comment

<< Home