100-cr spy programme: Hands tied on tech, India's digital eye is half shut

Written by Praveen Swami | New Delhi | Updated: Aug 11 2014, 14:08pm hrs
PRAY it works, read the text message on Mohammad Ahmad Siddibapas instant-message screen, less than 24 hours before bombs tore through Hyderabad on February 21, 2013, killing 19 people and injuring 117. The alleged Indian Mujahideen (IM) commander and his Karachi-based chief, Riyaz 'Bhatkal' Shahbandri, had instant-messaged for weeks, bouncing ideas on bomb design and execution off each other. The prayers were redundant.

Ever since 2009, an investigation by The Indian Express has found, Indias intelligence services have been intercepting conversations like these, after they rolled out a 100-crore, multi-agency programme to spy on digital communication between terrorists. It failed in the past, though and the bad news is it will fail again.

For months now, the intelligence services have been engaged in an increasingly desperate effort to stop the next 26/11-seeking communication from Maharashtra and Kashmir men fighting with Islamist insurgents in Iraq; Indian jihadists in Afghanistan; the Lashkar-e-Taiba (LeT) leaderships orders to operatives.

The digital espionage system has almost certainly picked up these communications but theyve remained incomprehensible to Indias intelligence services, because of the failure to beat digital encryption technology. There hasnt been one single case where weve successfully managed to penetrate encrypted communications between terrorists, admitted a senior Research & Analysis Wing (R&AW) officer.

Increasingly, Indias intelligence establishment believes the only answer is to compel internet firms to locate their servers in India, as Brazil has done and Germany is contemplating thus forcing them to comply with lawful interception orders.

Flailing war

Inside an elegant Art Deco mansion in central Delhi, its lush gardens dotted with flowerbeds, trees and the odd peacock, staff at the Intelligence Bureaus (IB) operations directorate have again been staring hard at data snatched from cyberspace, hoping that somewhere in the cloud of ones and zeros lie the leads they need to preempt new terror threats.

Indias desperate war rests on a system called Netra, commissioned in 2009, drawing its name from the Sanskrit word for eye or, more prosaically, from its job description, NEtwork TRaffic Analysis.

Netra was born in the years after 9/11, when Indias intelligence services realised terrorist groups like the LeT were making extensive use of the internet, and wanted tools similar to the USs PRISM digital espionage system. Housed in hundreds of internet hubs across the country, Netra vacuums up terabytes of data, and then trawls through it for keywords of interests. The system, designed by the Defence Research and Development Organisations (DRDO) Centre for Artificial Intelligence and Robotics, has won several technology awards.

The system has done what it is designed to do, intelligence officials said. It helps track traffic to websites the intelligence services suspect might be linked to jihadi activity. That opens the way to locate target computers and mobile phones and infiltrate them with software that can monitor keystrokes, and record conversations.

Its what Netra cant do, though, that is causing concern. The National Technical Research Organisation (NTRO), tasked with creating software to decode encrypted internet traffic, hasnt so far been able to deliver. That means Indias intelligence services cant listen in to voice-over-internet services like Skype and Viber, or text-based systems like WhatsApp, Fring and Facebook.

Limited gains, the sources said, have been made, one involving the purchase of technology to decrypt Thuraya satellite phone conversations from an East European vendor but the bulk of traffic remains invisible to the intelligence services.

Finally, no staff have been sanctioned to analyse the output Netra generates so with the tiny staff available, the IB is strapped to mine it for useful information. The IBs operations directorate has just 40 executive staff; the organisation as a whole 18,795, to the 26,867 it is sanctioned.

Those figures are in stark contrast to western standards: the USs Federal Bureau of Investigations (FBI), with a much narrower set of threats to address, has 34,019 staff, and its communications intelligence service, the National Security Agency, over 40,000. The NSA is reputed to be the largest single employer of mathematicians in the world, a discipline central to cryptanalysis.

In addition, the NSA has the advantage that most communication services are headquartered in the US making it relatively easy to acquire the digital keys used to encrypt information. The NSA also has supercomputing resources that allow it to mount what are called brute-force attacks on encrypted data. The NSA, by some estimates, spends up to $250 million a year on technologies to defeat encryption.

Police, meanwhile, are pointing to growing numbers of cases of online jihadist activity. Last month, The Indian Express revealed that four Thane men were training with jihadists in Iraq, while other cases have emerged from Tamil Nadu and Kashmir. Haidar Ali, now facing trial for his alleged role in bombing Prime Minister Narendra Modis election rally in Patna, is charged with having learned to make bombs from the al Qaeda online magazine Inspire.

For its part, the National Investigation Agency is prosecuting Abdul Hakeem Jamadar and Zafar Iqbal Sholapur, who it says were drawn by online jihadist literature to join the jihad in Afghanistan.

Every time weve tried to persuade a software major to cooperate, a senior IB official said, were told the data is held in another country, and that a complex, slow legal process is required to access it. The solution is for the government to compel companies to hold data in India, as was done with Blackberry.

Imagine hunting for a needle in a haystack, he added, and then imagine hunting for it in the dark without a flashlight. Thats sort of where were at.