They were not the only spies watching. Shah drew similar scrutiny from an Indian intelligence agency, according to a former official briefed on the operation. The US was unaware of the two agencies’ efforts, US officials say, but had picked up signs of a plot through other electronic and human sources, and warned Indian security officials several times in the months before the attack.
What happened next may rank among the most devastating near-misses in the history of spycraft. The intelligence agencies of the three nations did not pull together all the strands gathered by their high-tech surveillance and other tools, which might have allowed them to disrupt the scarring terror strike.
The British had access to a trove of data from Shah’s communications, but contend that the information was not specific enough to detect the threat. The Indians did not home in on the plot even with the alerts from the US.
That hidden history of the Mumbai attacks reveals the vulnerability as well as the strengths of computer surveillance and intercepts as a counterterrorism weapon, an investigation by The New York Times, ProPublica and the PBS series ‘Frontline’ has found.
Although electronic eavesdropping often yields valuable data, even tantalizing clues can be missed if the technology is not closely monitored, the intelligence gleaned from it is not linked with other information, or analysis does not sift incriminating activity from the ocean of digital data.
This account has been pieced together from classified documents, court files and dozens of interviews with current and former Indian, British and US officials. While telephone intercepts of the assault team’s phone calls and other intelligence work during the three-day siege have been reported, the extensive espionage that took place before the attacks has not previously been disclosed. Some details of the operations were withheld at the request of the intelligence agencies, citing national security concerns. “We didn’t see it coming,” a former senior US intelligence official said. “We were focused on many other things—al-Qaeda, the Taliban, Pakistan’s nuclear weapons, the Iranians. It’s not that things were missed—they were never put together.”
After the assault began, the countries quickly disclosed their intelligence to one another. They monitored a Lashkar control room in Pakistan where the terror chiefs directed their men, hunkered down in the Taj and Oberoi hotels and the Jewish hostel, according to current and former US, British and Indian officials.
That cooperation among the spy agencies helped analysts retrospectively piece together “a complete operations plan for the attacks”, a top-secret NSA document said.
Lashkar’s computer chief
Zarrar Shah was a digitally savvy operative, a man with a bushy beard, a pronounced limp, strong ties to Pakistani intelligence and an intense hatred for India, according to Western and Indian officials and court files. The spy agencies of Britain, the US and India considered him the technology and communications chief for Lashkar, a group dedicated to attacking India. His fascination with jihad established him as something of a pioneer for a generation of Islamic extremists who use the Internet as a weapon.
Lashkar-e-Taiba, which translates as ‘the Army of the Pure’, grew rapidly in the 1990s thanks to a powerful patron: the Inter-Services Intelligence Directorate (ISI), the Pakistani spy agency that the US Central Intelligence Agency has worked with uneasily for years. Lashkar conducted a proxy war for Pakistan in return for arms, funds, intelligence, and training in combat tactics and communications technology. Initially, Lashkar’s focus was India and Kashmir, the mountainous region claimed by both India and Pakistan.
Leaving a trail
Not long after the British gained access to his communications, Shah contacted a New Jersey company posing online as an Indian reseller of telephone services named Kharak Singh, purporting to be based in Mumbai. His Indian persona started haggling over the price of a voice-over-Internet phone service—also known as VoIP—that had been chosen because it would make calls between Pakistan and the terrorists in Mumbai appear as if they were originating in Austria and New Jersey.
“its not first time in my life i am perchasing in this VOIP business,” Shah wrote in shaky English, to an official with the New Jersey-based company when he thought the asking price was too high, the documents from Government Communications Headquarters (GCHQ), Britain’s eavesdropping agency, show. “i am using these services from 2 years.”
Shah had begun researching the VoIP systems, online security, and ways to hide his communications as early as mid-September, according to the documents. As he made his plan, he searched on his laptop for weak communication security in Europe, spent time on a site designed to conceal browsing history, and searched Google News for “indian american naval exercises”—presumably so the seagoing attackers would not blunder into an overwhelming force.
If Shah made any attempt to hide his malevolent intentions, he did not have much success at it. Although his frenetic computer activity was often sprawling, he repeatedly displayed some key interests: small-scale warfare, secret communications, tourist and military locations in India, extremist ideology and Mumbai.
By 24 November, Shah had moved to the Karachi suburbs, where he set up an electronic “control room” with the help of an Indian militant named Abu Jundal, according to his later confession to the Indian authorities. It was from this room that Mir, Shah and others would issue minute-by-minute instructions to the assault team once the attacks began. On 25 November, Jundal tested the VoIP software on four laptops spread out on four small tables facing a pair of televisions as the plotters, including Mir, Shah and Lakhvi, waited for the killings to begin.
In a plan to pin the blame on Indians, Shah typed a statement of responsibility for the attack from the Hyderabad Deccan Mujahadeen—a fake Indian organization. Early on 26 November, Shah showed more of his hand: He emailed a draft of the phony claim to an underling with orders to send it to the news media later, according to US and Indian counterterrorism officials.
A trove of data
The Pakistani terrorists had come ashore in an inflatable speedboat in a fishermen’s slum in south Mumbai about 9 pm local time. They fanned out in pairs and struck five targets with bombs and AK-47s: the Taj, the Oberoi Hotel, the Leopold Cafe, Chabad House, and the Chhatrapati Shivaji Terminus.
“Analysis of Zarrar Shah’s viewing habits” and other data “yielded several locations in Mumbai well before the attacks occurred and showed operations planning for initial entry points into the Taj Hotel,” the NSA document said.
Amid the crisis, Goel, now a senior South Asia Fellow at the New America Foundation, paid little attention to the sources of the intelligence and said that he still knew little about specific operations. But two things stood out, he said: The main conspirators in Pakistan had already been identified. And the quality and rapid pacing of the intelligence reports made it clear that electronic espionage was primarily responsible for the information. “During the attacks, it was extraordinarily helpful,” Goel said of the surveillance.
But until then, the US did not know of the British and Indian spying on Shah’s communications. As NSA and GCHQ analysts worked around the clock after the attacks, the flow of intelligence enabled Washington, London and New Delhi to exert pressure on Pakistan to round up suspects and crack down on Lashkar, despite its alliance with the ISI, according to officials involved. ©2014/The New York Times
No comments:
Post a Comment