• Investment World
• eWorld
• Brand Line
• Mentor
• Life
• Canvas
• Praxis
• Urban Pulse
• Brand Quest
• The New Manager

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Cross Currency

• Rates
  
  

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources

Group Sites

• The Hindu
• Business Line
• Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

R.K. Raghavan

Given terrorists' use of cyber space, law enforcement agencies need to be on their toes to neutralise threats.

INTERCEPT the threat. M. Moorthy

I have to necessarily begin this column with my compliments to the Intelligence Bureau (IB) and the Maharashtra Police for foiling a dastardly LeT attack on the RSS headquarters in Nagpur.

We have not seen this smartness for a while, and it came at the right time too, as recent events in J&K seemed to point to a certain loss of grip over the situation. What is most significant is the press report that the field operation here was aided by a tip-off from the IB, which had used sophisticated communication devices to keep track of terrorist plans.

I do not have access to further information on this sensitive subject. However, I presume this involved interception of messages between terrorists before the planned Nagpur strike that were exchanged over telephone or e-mail, or through couriers. This brings me to the theme of this fortnight's column, viz., terrorist use of cyber space to facilitate swift directions to cadres during an operation and law enforcement's own efforts to track down such messages.

Although I have written on this subject earlier, the heightened terrorist activity in India persuades me to refresh reader memory by stating certain basic facts. First, the Internet provides an inexhaustible source from which groups draw information that is freely available, yet is immensely valuable. There is so much on the Net that requires to be restricted and screened from the law-breaker.

This is the basic objection to Google Earth, which is a goldmine for those aiming at physical strikes at enemy targets. There are several similar sites, which have sprung up or are about to make their appearance, that could be manna to many illegal formations waiting for an opportunity to hit at government and public facilities.

Proliferation of Web sites

Second, there has been an alarming proliferation of Web sites that leaves no doubt in our minds as to who are sponsoring them. According to one estimate by Professor Gabriel Weimann of the University of Haifa in Israel, there are at least 4,800 identified sites that facilitate the terrorist cause. The climb in numbers was noticed after 9/11. One saw similar peaks after the attack on Iraq.

These sites carry basic facts of the movement in question, including a descriptive account of its philosophy. Recruitment of cadres and their training, as also appeals for fund, are also done through these sites. While some groups mask their violent operations from such Web sites, a few, such as Hamas, do not make any bones about their proclivity to causing disorder and spreading fear.

Steganography, `draft folder'

Most of the material on terrorist Web sites is open and unencrypted. However, it is known that communication between field operatives is carried on through steganography, that is, messages hidden in a picture of a popular subject, which would hardly attract attention.

Unless there is a tip-off that a particular picture carries a secret message, there is no way we will be able to hit upon the offending picture and decrypt it to arrive at the message. Another novel modus operandus that became known recently is the terrorist practice of hiding messages in the `drafts folder' so that the risk of interception is eliminated.

With one e-mail ID and a shared password, several terrorists can read a mail carrying a specific message and act on it. An innocuous looking `drafts folder' can, therefore, effectively transmit messages across the globe without any attendant risk of interception.

Professor Weimann, whose new book Terror on the Internet: The New Arena, the New Challenges (United States Institute of Peace Press, April 2006), is described as a fascinating treatise on the terrorist-cyber nexus, is of the view that terrorists did not acquire any new technology to build Web sites, as this is a skill even an undergraduate in computer sciences these days possesses.

What strikes Weimann is the terrorist ingenuity in appealing to dissimilar constituencies through different sites. In an interview to Technology Review (March 9, 2006), he cites Hamas and Hezbollah's particular appeal to children through online computer game wars

Al Qaeda has been seen catering to women users of the Internet! Abu Musab al-Zarqawi, the Jordan-born Al Qaeda leader, for instance, was an unknown figure until he started launching his tirades against the West and Shi'ites through the Internet.

Keeping terrorists at bay

It all boils down ultimately to one issue: What can we do to deny the Internet as the medium of support to the average terrorist?

As Professor Weimann says, the large ISPs (Internet service providers) could not care less, when asked to take remedial measures. They are more concerned about the quality of their service to customers than about the content of what they supply.

This indifference is attributed by some to the absence of an international consensus on the definition of `terrorism' or a `terrorist'. Very few ISPs would like to get involved in political controversies.

At the same time, they rarely have the courage to stand up to governmental diktats, as revealed from their stance in China, where the Government has aggressively curtailed Net content to eliminate any anti-government propaganda. Interestingly, the FBI and the US Attorney-General recently convened a meeting in Washington with leading ISPs in the country, where they demanded retention, for two years, of customer information and related data. At present, there is no uniform practice across the industry. The meeting revealed serious ISP misgivings over the request, on grounds of privacy. Further meetings are scheduled to be held in order to solve the impasse.

I will not be surprised to hear of similar requests being made by Indian law enforcement agencies to our ISPs, especially in the context of a spurt in terrorism.

The basic point, however, is where do we draw the line between information that is genuinely relevant to maintaining peace in the community, and that, which is not?

This is analogous to the fears of misuse of telephone monitoring that were voiced against the backdrop of the Amar Singh case. Supreme Court guidelines here could possibly apply also to Internet monitoring by security agencies.

If such guidelines are adhered to faithfully, we can have a non-controversial system in place that will cut at the roots of terrorist misuse of cyber space.

The writer is a former CBI Director who is currently Adviser (Security) to TCS Ltd.

More Stories on : Security | Terrorism | Insight | Security Musings

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
Counting on a Linux push

Copyright © 2006, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line