Wednesday, December 5, 2012

Mumbai 26/11 – Lest We Forget

This post is not a re-run of the tragic 60 hours which the city of Mumbai was subjected to; it is a reminder to the nation to be vigilant and review the preparedness and plug the gaps in our security. 

Four years have passed since Mumbai was witness to one of the worst terror attacks. A fedayeen or fidayeen (suicide) squad of ten Pakistanis belonging to the Lashkar-e-Taiba  who entered Mumbai through the sea wreaked havoc at some of South Mumbai’s significant landmarks such as the Chhatrapati Shivaji Terminus (CST) Railway Station, Cama Hospital, the iconic Taj Hotel, the Trident and Chabad House (Nariman House) and Leopold Café. The November 2008 carnage left about 166 persons killed and more than 300 injured and equally important it left the commercial capital and the nation shocked. These series of well coordinated attacks caught Mumbai and its police off guard; the police force was not prepared or equipped to face this kind of a challenge. This unprecedented situation led to a failure of command and control and resulted in chaos. In the face of this adversity, there were individual acts of valour displayed by officers and men in khaki who took upon themselves to brave the terrorists’ bullets against all odds. A mention must be made of the brave attempts made by police personnel with obsolete weapons who took on the terror duo Ajmal Kasab and Ismail Khan at CST, the then Additional Commissioner of Police Sadanand Date who along with a few brave personnel fought the terrorists, Kasab and Ismail at Cama Hospital, the three brave officers Hemant Karkare, Ashok Kamte and Vijay Salaskar who were martyred in the lane leading to Cama Hospital and late Assistant Sub-Inspector Tukaram Omble whose bravado was instrumental in Kasab being captured alive. The bulk of the responsibility of neutralizing the other eight terrorists who were holed up at the Taj, the Trident and Chabad House were shouldered by the commandoes of the elite National Security Guards who were flown in from their main base at Manesar, Gurgaon.

The attacks on Mumbai showed that India, in general and metropolis like Mumbai were extremely vulnerable to a fedayeen-type terrorist strike. The attacks demonstrated that there were serious shortcomings in matters of intelligence gathering and analysis and response mechanisms. Thus the Central and the Maharashtra governments embarked on an ambitious program of overhauling the security infrastructure.

Firstly, at the centre, India set up the National Investigation Agency (NIA) in December 2008. The Act establishing the Agency empowers the Centre to probe terror attacks in any part of the country, covering offences, including challenge to the country's sovereignty and integrity, bomb blasts, hijacking of aircraft and ships, and attacks on nuclear installations.  In the opinion of this author, setting up a new outfit after a debacle was another case of knee-jerk reaction on India’s part. Multiple agencies with over-lapping jurisdictions only result in turf wars and shirking of responsibility. 

The Government of India embarked on an ambitious plan of setting up the National Intelligence Grid (NATGRID) an intelligence sharing network which would collate data from the stand alone databases of the various agencies and ministries of the Government of India. NATGRID is being implemented in four phases, the first two of which will be operationalised by the year 2014 and the first data sets would be retrievable by early 2013.

According to Ajai Sahni, the Execute director of the Institute for Conflict Management & South Asia Terrorism Portal, by simply labelling organisations with names remnant of American agencies doesn’t make them effective. He argues, “by creating a new agency at the top of the pyramid you are not solving the problem. The problem of intelligence gathering and counter-terrorism is not at the agency level, it is the lack of capacity at the bottom. The problem is with training, man power, aptitude of law enforcement personnel on ground, application of technology and no one is fixing that. NCTC is replacing MAC, but MAC till now has been unable to create a terror database (formed in 2009), by changing how will the database come about. You are creating a new body that will run like the rest, so basically it will not run.”

The National Counter Terrorism Center (NCTC) is a proposed federal anti-terror agency to be created in India modelled on the NCTC of the USA. The NCTC was mooted as an apex body, a single and effective point of control for all counter terrorism measures. The Indian Prime Minister had in his address to the Chief Ministers’ Conference in May 2012 stated that the antecedents of the NCTC lay in the recommendations by the Group of Ministers and by the Administrative Reforms Commission, commencing from the lessons learnt in Kargil.

Another move was the formation of four NSG hubs in major cities, namely, Mumbai, Kolkata, Chennai and Hyderabad. It is difficult to say whether this move was sound or not as the hubs where the commandoes are based do not have the kind of infrastructure and training facilities that are available at the NSG headquarters in Manesar. The government at Delhi instead of setting up regional hubs ought to have considered taking steps in order to ensure quick transportation and rapid deployment of the Special Forces to deal with 26/11 like situations. 

At the regional level, Maharashtra government set up Force One, an elite commando force to combat terror strikes like the one that occurred on 26/11 on the lines of the National Security Guards (NSG). This step was taken due to the fact that non-availability of aircraft in Delhi and lack of ground transportation in Mumbai the operations to flush out the terrorists by NSG commandoes was delayed, thereby leading to higher casualties.

The state government also set up a jumbo State Security Council comprising of 66 members. It is anybody’s guess as to how this body has been functioning since its inception and in what manner has it contributed to the state’s security. These imprudent moves of the government of the day are laughable to say the least.

The Mumbai attacks raised questions about the quality of intelligence or the lack of it, its timely availability to the end-user, surveillance, security of vital installations, deficiencies in coastal security, and the lack of quality equipment like bullet proof jackets, bomb suits, weaponry, communication tools and disaster management including hospitals with trauma care facilities. Serious questions were raised about the response by the Mumbai/State police to the terrorist strike. The Maharashtra Government appointed what was officially known as the High-Level Enquiry Committee (HLEC) on 26/11, comprising of R.D. Pradhan, a former Union Home Secretary and V Balachandran a former Special Secretary in the Cabinet Secretariat to probe the lapses and to identify systemic failures on 30th December 2008. The committee submitted its report to the Chief Minister of Maharashtra in April 2009, but the government did not release it, citing security concerns. In December 2009, after substantial portions of the report were leaked to the media and after much agitation by the opposition in the state assembly, a Marathi translation was tabled before the state assembly.

While procurement of sophisticated communication equipments, bullet proof jackets, bomb suits and weaponry can be streamlined, the collection and dissemination of intelligence, surveillance and upgrading coastal security are matters which deserve closer scrutiny. For instance, lot of questions were raised about the quality of bullet proof jackets available for use with the police and had the late Hemant Karkare worn a better quality jacket, his life may have been saved. This prompted the state to procure high quality bullet proof jackets immediately after the attack. However for three years, citing technical reasons, no company was awarded the contract. Finally, the state got quality jackets from the agencies that supplied protective gear to outfits like the NSG. Thus procurement issues are not insurmountable.

The issues which require attention are the following:

A lot has been written on intelligence gathering and its dissemination by various experts on the subject as well in this blog written in the aftermath of the Mumbai attacks on 26/11 (read Having said that, it must be pointed out that the responsibility of intelligence gathering cannot be vested in specialized agencies like the Research and Analysis Wing (R&AW), Intelligence Bureau (IB) or the Special Branch of the local police. Some of the most reliable pieces of information can be garnered at the police station level by beat constables through their network of informers.  Intelligence collected at the grassroots level and shared with other consumers/end users will go a long way in thwarting terror strikes. It is also extremely necessary to have handpicked personnel at the police station to handle collection of intelligence and liaise with other intelligence agencies for expeditious dissemination of intelligence. There is today too much emphasis on technical intelligence (TECHINT) and electronic intelligence (ELINT). TECHINT has its own limitations and needs to be used in conjunction with human intelligence (HUMINT) particularly in counter terror operations. The human asset who is able to penetrate a terror network or module is undoubtedly the best source of accurate information which will enable the security agencies to foil terror strikes. It was HUMINT which enabled the US to carry out Operation Neptune’s Spear – the operation which led to the killing of Osama bin Laden. Unfortunately, classical tradecraft appears to be a dying art.

Coastal security

Coastal security will continue to be a matter of concern for the security agencies and policy makers considering the fact that India has a very long coast line to safeguard with very limited resources at its disposal. 

The government’s approach towards all matters concerning security and coastal security is no exception has always been reactive. Remedial measures are undertaken only after a major incident has occurred and implemented in a haphazard manner without laying the foundation for the system adopted to function effectively. To begin with, the Coast Guard was set up in August 1978 in response to large-scale smuggling along the western coast with a mandate to protect the maritime and national interests of the country as well as to assist in anti-smuggling operations. But the 1993 serial blasts in Mumbai highlighted the fact that an inadequately manned and ill-equipped coast guard alone cannot safeguard the coasts. Instead of addressing the fundamental issue of lack of manpower and inadequate equipment, the Indian government launched a new scheme to cater for the terror challenge. Pushpita Das of the Institute for Defence Studies and Analyses (IDSA) in her article  “Why India’s Coastal Security Arrangement Falters?” writes that Operation Swan was launched in August 1993 to prevent clandestine landings along the Maharashtra and Gujarat coasts. It was a three layer security arrangement involving the navy, the coast guard and a joint patrolling team drawn from personnel belonging to the navy, coast guard, state police, and customs. While the underlying idea appeared to be feasible, the bitter fact is that Operation Swan has not resulted in a single seizure even after being for 18 years. According to her inadequate attention paid to overcome the basic problems of coordination, manpower, equipment, and motivation among the various concerned agencies at the ground level has been the main reason for this failure.

The Indian government launched yet another ambitious project in 2005 called the Coastal Security Scheme, which involved setting up a series of coastal police stations to strengthen the surveillance infrastructure along the coast. The scheme was, however, a non starter because the coastal states did not display any enthusiasm in implementing it as they did not perceive any threat to their coasts. Despite Mumbai being a preferred target of the terrorists, Maharashtra too implemented the scheme only in a piecemeal manner. Moreover, the decision to set up coastal police stations with a mandate to patrol shallow waters gave an excuse for the navy to withdraw from joint patrolling immediately. Mumbai’s coastal security was considerably weakened enabling the terrorists to carry out the strike with ease. 

Mumbai 26/11 forced the Indian government to overhaul the coastal security apparatus. Once again it insisted that the navy and the coast guard pool their resources to guard India’s territorial and coastal waters. The state governments were directed to establish coastal police stations and ensure that manpower and interceptor boats were provided to them.

The Maharashtra Government in an effort to beef up coastal security set up the Sagari Police Station in 2009 and another police station at Juhu in 2012. The lackadaisical approach to coastal security can be seen from the fact that Sagari Police Station operates from rooms in governmental quarters at Mahim and cannot even register a First Information Report (FIR) which is essential for investigating a case. Five of their 14 amphibian vehicles and 13 of their 27 patrol boats are in repair yards. Lacking a jetty, Sagari Police Station parks its boats at Malad or near the Gateway of India. Worst of all, most personnel at the two stations neither have the expertise to run the patrol boats nor basic swimming skills. The government ought to have focused attention on imparting training to the personnel for sea patrolling before opening the coastal police stations.

Nuclear Biological Chemical (NBC) Weapons – The unconventional threat

The continuing possibility of terrorist attacks using nuclear, biological, or chemical weapons is an ongoing concern in the national security policy arena in the face of a clear trend among terrorists to inflict greater numbers of casualties. 

Worldwide, the likelihood of terrorists being capable of producing or obtaining WMD may be growing due to looser controls of stockpiles and technology in the former Soviet states specifically and the broader dissemination of related technology and information in general. However, WMD remain significantly harder to produce or obtain than what is commonly depicted in the press. The Central Intelligence Agency has reported that it is likely that most terrorists will continue to choose conventional explosives over WMD, but warns that the al-Qaeda network has made obtaining WMD capability a very high priority. Indian security establishment needs to take cognizance of threat from unconventional weapons, particularly the “dirty bomb” – a type of radiological dispersal device (RDD) that combines radioactive material with conventional explosives whose objective is to contaminate the area around the explosion with radioactive particles. An RDD explosion could create fear and panic, contaminate property, and require potentially costly cleanup. Making prompt, accurate information available to the public could prevent the panic sought by terrorists.

Medical care and Disaster/Emergency Management

There is an urgent need to augment medical facilities, particularly trauma care which is inadequate even in a major metropolis like Mumbai.  Every time a disaster rocks Mumbai, causing mass casualties, the inadequacies of trauma care facilities at public hospitals get highlighted. During 26/11, most victims were rushed to the state-run but soon they had to be shifted to bigger centres which had better facilities to treat the injuries. Four years on, no lessons have been learnt. The question to be posed is whether the National Disaster Management Authority (NDMA) has the means to respond appropriately in the event of a terrorist strike. 

The issues discussed above are not exhaustive but are merely illustrative in order to assist the policy makers to take suitable steps to counter the scourge of terror within the country.

Friday, July 6, 2012

Is another 26/11 in the offing?

The arrest of one of the key conspirators and terrorist handlers of the November 2008 Mumbai attacks, Syed Zabiuddin Ansari alias Abu Jundal a.k.a. Abu Hamza at New Delhi’s IGI Airport in June 2012 after being deported from Saudi Arabia not only marks a high for the Indian security agencies but also turns the focus back on Islamabad’s complicity in the attack. Abu Jundal who held a Pakistani passport at the time of his capture and deportation is an Indian national from the Beed district of Maharashtra.

During the course of his interrogation, he is reported to have disclosed that he was in Saudi Arabia at the behest of Lashkar-e-Toiba (LeT) to raise finances for carrying out a bigger attack on India. According to him, the LeT had planned to execute a major terrorist strike in India within a year. He had also been tasked to lure Indian youth working in Saudi Arabia to join the banned terror outfit, the Indian Mujahideen. He is also reported to have told the investigators that the LeT was expanding its naval wing to carry out more terror strikes. At the time of writing it was revealed that he was planning a similar strike with an Indian Mujahideen (IM) module that he was setting up when he was nabbed in Saudi Arabia.

Two implications clearly emerge out of this interrogation – firstly Pakistan (its military establishment and the Inter-Services Intelligence, the ISI) and the India-centric terror groups, particularly the LeT are not sufficiently deterred from executing fedayeen strikes inside India and secondly, there is no change in the Pakistani mindset of using terrorism as an instrument of state policy at least vis-à-vis India. This revelation by Abu Jundal is also likely to have an adverse impact on the Indo-Pak dialogue process. One another thing that emerges from the disclosure made is that LeT and other radical Islamic groups in Pakistan, far from being reined in, are in a position to influence Pakistan’s foreign policy, especially its India policy post 26/11. There is a strong suspicion that Pakistani military establishment will not hesitate to execute another 26/11 – type attack, of course with certain modifications and improvements so as to ensure that the attacks cannot be traced back to Pakistan or the ISI.

The interrogation of Abu Jundal must alert the Indian security establishment to the fact that groups inimical to India have been in the process of plotting and will continue to plot terror strikes against India. While the capture of a key LeT operative like Jundal may be euphoric, it is time for Indian agencies to counter and neutralize this threat emanating from across the western border. The international community expected India post-26/11 to respond appropriately to this “undeclared war”. However, India chose to rely on diplomacy rather than reprisals against Pakistan. Diplomacy and sanctions may not be necessarily successful in countering terrorism. 

Post 26/11, there is very little that Pakistan has done in reining groups like the LeT. India must accept the fact that Pakistan will continue to sponsor or allow outfits like LeT to freely carry out operations against India till such time India does not respond with reprisals. While expecting a repeat of 26/11, India must realize that Pakistani ISI will try to avoid a repeat of the mistakes committed during 26/11. In other words, tactically, Pakistan while planning a strike like 26/11 will try to cover up its tracks in order to ensure that its complicity remains undetected. For one, the ISI will desist from using Pakistani nationals to carry out any future fedayeen attacks inside India. Instead, Pakistan may try to lure the Indian Mujahidden to carry out the attack thereby making it look like an indigenous terror strike. Secondly, ISI in all likelihood would avoid using a control room to give orders and instructions as was the case during 26/11. Either, there may be complete radio silence or a control room may be located in a third country. Thirdly, there is every possibility of any future attack inside India being outsourced, meaning thereby either a group with no Indian link may carry out the attack or individuals belonging to other radical Islamic groups may be assigned to carry out the attack.

Lashkar’s Maldivian connection assumes significance in this context of outsourcing any future attack inside India.

It is important to note that Lashkar’s operations have expanded over the years – it is estimated that the LeT maintains some kind of presence in about 21 countries, including Maldives.

While there are no known organized jihadi groups operating in or out of the Maldives, the country has proven a fertile ground for jihadist recruitment. Lashkar e-Taiba (LeT) and al-Qaeda have both successfully recruited youth already radicalized in Islamic schools there.

The December 2004 tsunami in the Indian Ocean provided an opening in this regard. In the aftermath of the disaster, radical Islamists gained a foothold in the country in the guise of humanitarian charities. The most significant of these was the Idara Khidmat-e-Khalq (IKK), which is affiliated with the Pakistan-based Jammat ud Dawa/Lashkar-e-Taiba. The IKK is linked to the Jamaat Ahl-e-Hadith sect active in the Maldives, Afghanistan and Pakistan. Many Ahl-e-Hadith groups are known to be involved in the jihadi struggle in South Asia, and most are affiliated with Kashmir-centric terrorist groups such as Lashkar-e Taiba and Harkat-ul Mujahideen. Its followers prefer to call themselves Salafis, in order to stress their closeness to the Saudis. Intelligence sources confirm that the IKK has spearheaded LeT’s activities in the Maldives, which prioritizes youth recruitment. The IKK claims to have spent 17.2 million Pakistani Rupees (roughly $282,000) on tsunami relief in the Maldives, Sri Lanka and Indonesia during 2005 as post-tsunami relief although the Maldivian government denies that the organization provided any relief. Ostensibly as part of that aid, the IKK reportedly facilitated trips for many Maldivian youth to Pakistan, enrolling them in various radical madrassas (Islamic seminaries) there.

Sporadic incidents of jihadi activity within the Maldives have also occurred. In April 2005, for example, Indian police arrested Maldivian national Asif Ibrahim who allegedly frequented the Indian state of Kerala to procure arms and ammunition for the LeT's Maldives operation. Ibrahim confessed to planning to blow up a government-run mosque and assassinate then-President Maumoon Abdul Gayoom. An official release from the Maldivian government indicated that Asif Ibrahim had become a member of the UK-based extremist Islamic group Jama'ah-tul-Muslimeen in 2001. In the early weeks of February 2010, nine alleged Maldivian terrorists arrested in Pakistan’s troubled South Waziristan tribal region in March 2009 were repatriated to the Maldives. According to national police, the nine have ties to the bombing that took place in Malé’s Sultan Park in September 2007, and may have left the country for Pakistan via Sri Lanka for further training and indoctrination. 

The Maldivian government admitted that Pakistan-based terrorist groups have successfully recruited hundreds of Maldivian Muslims to fight against government forces in Pakistan.  The bin Laden network has done so as well; an al-Qaeda video circulated in November 2009 featured Ali Jaleel, a Maldivian national who fought alongside pro-Taliban forces in Pakistan.  Soon thereafter, another recruitment video featured a previously unknown al-Qaeda cell operating in the Maldives, and exhorted jihadists to travel to the country, stating "Your brothers in the Maldives are calling you.”

International concerns over the growth of Islamic extremism in the Maldives have risen since the May 2002 arrest of Ibrahim Fauzee. Fauzee, a Muslim cleric (now heading the Islamic Foundation of Maldives), was arrested in a suspected al-Qaeda safe house in Karachi, Pakistan and subsequently held in the Guantanamo Bay detention camp until his release and repatriation to the Maldives in March 2005. The incident sparked concerns about the spread of radical Islam and the penetration of international terror groups like al-Qaeda and Lashkar-e-Taiba into the social fabric of this Indian Ocean archipelago. 

The Fauzee case was not an isolated event, however. There is growing evidence of Maldivian youths frequenting Pakistan for reasons unknown or suspicious in nature, though enrollment in various madrassas (Islamic seminaries) is usually cited as the prime reason for their travel. Intelligence agencies of the United States and India have noted this development with concern, and believe that growing religious extremism in the Maldives is a Pakistani import.

Another significant aspect which Indian security establishment must look into is the recent reports of three African terrorist groups al-Qaeda in the Islamic Maghreb, al-Shabaab in Somalia, and Boko Haram in Nigeria seeking to “coordinate and synchronize” their operations. Since the groups in question are affiliated to the Al Qaeda and with reports of Somalis being trained in terrorist training camps in Pakistan, the possibility of using African nationals to execute an attack cannot be ruled out. It is also important to bear in mind the fact that in August 2010, a blast in the Somali capital Mogadishu left ten Al Shabaab terrorists dead while they were trying to assemble a suicide car bomb. Two of the suspected terrorists were Indian nationals according to the Somali Ministry of Information. A co-operation of this nature is not unknown amongst international terror groups.

One of the recommendations made to the US policy makers contained in the report titled “The Menace that is Lashkar-e-Taiba” prepared by the Carnegie Endowment for International Peace is to destroy the LeT for, left unchecked, it would eventually evolve into a formidable threat. Together with its allies, the US should use all available means to eviscerate the LeT – with or without Pakistan’s help. The US has realized albeit, a bit too late that LeT has assumed dangerous proportions and use of force is the only viable option available to it and its allies to neutralize the Pak-based terror outfits.

India irrespective of the action initiated or proposed to be initiated by the US and its allies must itself draw up a plan of action to counter and neutralize the ISI-backed LeT and other groups. For India, the best option is use of covert operations. While India’s experience in this area is limited, there is now an urgent need to penetrate Pakistani society and carry out subversive activities aimed at disrupting/undermining the ability of ISI and its proxies to carry out terrorist activities against India. Special Forces may also be tasked to carry out limited but punitive strikes across the Line of Control with the objective of destroying terror training camps and launch pads located in the border regions. Briefly put, India needs to wrest the initiative from Pak by its limited offensive actions. India has countered Pak actions on Indian territory since the time proxy war was initiated by Pakistan. It is time to turn the tables now.

Monday, June 18, 2012

Terror Strike in Lutyens’ Delhi – Revisited

In February 2012, a bomb attack which caused grievous injuries to the wife of the Israeli Defence Attaché was suspected to be the handiwork of Iran or its proxy the Hezbollah. This author in the post titled Terror Strike in Lutyens’ Delhi had indicated that Iran’s international behavior in the past had defied rationale and logic and hence it was quite possible that Iran may have been responsible for the attack. Media reports now confirm that an Iranian ‘security entity’ (probably the Quds Force (alternatively spelled Ghods or Qods) was behind the attack. One such report appearing in Rediff is reproduced below: 

Iran was involved in bomb plots targeting Israeli diplomats in India, Thailand and Georgia in February, according to a media report.

In India, local agencies believed that a bomb attack which badly injured the wife of the Israeli military attaché in New Delhi in February this year was the work of an Iranian 'security entity'.

Their conclusions have not previously been made public and Indian officials avoided blaming Tehran, an ally and a key oil supplier.

The governments of Georgia and Thailand, which both uncovered bomb plots on the day of the Delhi attack, have also not officially blamed Iran.

European intelligence officials said that they now found it difficult to judge Tehran's 'risk calculus'.

"Until recently it was possible to see why they were doing what they have been doing," The Guardian quoted an intelligence official as saying.

"Now it has become very unpredictable. It's very hard to see the logic behind [the February bombings], other than perhaps demonstrate an ability to cause problems in the event of war or a desire for revenge of some kind," the official added.

Police evidence, witness statements and court documents seen by the Guardian, plus interviews with local and international law enforcement and security officials, suggested that the attempted triple-bombing on February 13 and 14 was conducted by a well coordinated network of about a dozen Iranians and prepared over at least 10 months.

According to the paper, the evidence includes the identification of at least 10 Iranians allegedly involved in the plots, money transfers to key individuals from Iran, the use of Iranian phone connections and the flight following the attacks of conspirators to Iran.

According to the paper, with Israel refusing to rule out military action if diplomacy fails, intelligence officials fear the volley of attacks carried out by Iranian operatives show Tehran is capable of an asymmetric response.

Iran now needs to be told in unequivocal terms, that India would not tolerate Iranian nationals or its diplomats using Indian soil for carrying out terrorist attacks against foreign nationals or diplomats. Secondly, if India is able to identify the diplomats engaged in this attack, India without much fanfare must call upon Iran to withdraw such personnel or declare them persona non grata. Lastly, India must take the Delhi blasts’ case to its logical conclusion, that is to say, prosecute the Indian contact as well as try and apprehend the Iranians behind the attack.

Wednesday, June 6, 2012

A Rescue Operation in Badakhshan

Afghanistan is considered to be one of the dangerous places on the planet. There is danger lurking around the corner every single day given the politically volatile situation. There have been number of instances of abduction and execution of hostages, particularly of aid workers belonging to the various international aid agencies. There have been rescue attempts of hostages in the past, some of which were successful and others having ended in utter failure. One such case was that of Linda Norgrove, a British doctor, who was killed in a botched rescue operation about eighteen months ago. There have been successes as well. One such classic operation was brilliantly executed by a Special Forces team comprising British SAS and US Navy’s SEAL Team 6 in the inhospitable terrain of Badakhshan in Northern Afghanistan sometime around 1st / 2nd June 2012. The objective of the operation was to rescue two aid workers belonging to an international aid charity Medair and two other Afghans held along with them. 

The Abduction

The four female workers belonging to a Swiss-based aid organization Medair, including two Afghans, had been kidnapped on 22nd May 2012 while traveling on horseback from Yafta to Yavan district in the remote Northern province of Badakhshan. After their abduction, the four hostages were held in a cave deep inside the thick Koh-e-Laram forest within the Shahri Buzurg district of North-Western Badakhshan close to the Tajikistan border. 
Shortly after the four women were seized, the kidnappers, who were known to have close links to the Taliban, released a video in which they demanded a £ 6 million ransom and the release of a comrade held in custody. 

International Security and Assistance Force (ISAF) commanders hoped initially that the kidnapping would be resolved peacefully. 

Planning the Rescue

While the negotiations were on, the Special Forces began to plan for a worse case scenario and started to reconnoitre a series of potential helicopter landing sites – a difficult task given the nature of the terrain, highly mountainous and thick with forest. They were tasked to prepare for a rescue mission in the event of negotiations breaking down or if the lives of the hostages were threatened. 

While the British and US forces planned and rehearsed their rescue mission, back in London the Prime Minister chaired several Cobra (Cabinet office Briefing Room A) meetings where he kept senior members of the cabinet informed of the latest events. 

In attendance amongst others were the heads of MI5 and MI6, the Director of Special Forces, General Sir David Richards, the Chief of the Defence Staff, Tim Allen, Sir Kim Darroch, the National Security Advisor and the Philip Hammond, Defence Secretary.
“I have given my approval to COMISAF [General John Allen, Commander of the International Security and Assistance Force] for a rescue mission to be launched,” he told the meeting gathered round a large conference table in the windowless room under Downing Street. “It is just a matter of when and how”. 

Over the next few days, SAS commanders, intelligence officers and members of the Afghan National Defence Directorate, watched the activities of the abductors on real-time video transmitted via satellite from the Predator as they prepared the rescue plan within the headquarters of the Joint Special Forces Group in Kabul. 

By the evening of 28th May, a force of 28 members of the SAS and an equal number of US Navy SEALS had established a forward operating base within the headquarters of a Provincial Reconstruction Team close to the town of Fayzabad, around 30 minutes flying time from the hostages’ location. 

But by 30th May 2012 the Predator garnered some vital intelligence. The Briton Miss Helen Johnston, 28 and 26-year-old Kenyan Moragwa Oirere also an aid worker were separated from their two Afghan colleagues and being held in a different cave. 

Of more concern, however, were the details of an intercepted phone call in which the Taliban had begun to urge the kidnappers to “make a declaration of intent”. Back in Kabul intelligence officers assumed this meant that at least one of the hostages risked being murdered. The development was what the American Special Forces called a “game changer”. It was time for “executive action”. 

Around mid-afternoon of 1st June 2012, during the twelfth consecutive Cobra meeting chaired by David Cameron, those present were informed of the latest developments, including the imminent launch of a hostage rescue operation - no further information was given. 

In Kabul, the decision was taken to split the hostage rescue force. A 28-strong SAS detachment would be responsible for freeing Miss Johnston and her Kenyan colleague, while the US team, composed of members of Seal Team 6 - the same unit credited with having shot dead Osama Bin Laden - was tasked with rescuing the Afghan hostages. 

The intelligence from the aerial reconnaissance was at best sketchy but it was thought that at least four kidnappers were guarding Miss Johnston and Miss Oirere, while a further seven were holding the two Afghans. 

Both groups were armed with AK47 assault rifles, rocket propelled grenades and a PKM, a Russian belt-fed machine-gun, which is capable of shooting down a helicopter. 

Late on Friday morning, the British and US rescue teams were told that the operation had been confirmed. The mission was straight forward: Rescue the hostages, kill the kidnappers. H-hour, the launch time for the operation was 5 pm local time. 

The Operation

The rescue force flew to a rendezvous on the edge of the Koh-e-Laram Forest in MH-60L Blackhawk helicopters flown by pilots from 160th Special Operations Aviation Regiment (Airborne), nicknamed the Night Stalkers. 

Each helicopter is equipped with a M230 Chain Gun and rockets pods. Riding “shotgun” were two US Apache helicopters to provide “flank support” for the operation.

The SAS troops went in relatively light - dressed in black with machine guns, pistols, knives and both stun and hand grenades. Each man was equipped with night vision goggles and a helmet-mounted camera. A medical team was also attached to each of the assault ready to give immediate first aid to the hostages. 

The first troops on the ground secured a helicopter landing site (HLS) at the top of a rocky valley and coordinated the arrival of all of the Blackhawks until the full compliment of troops had arrived. The HLS was located around two miles away from the kidnappers’ camp - but the sound of any approaching helicopters would have been muffled by the thick forest, or so the Special Forces hoped. 

In the early evening light, the US and British Special Forces were closing in on the caves where the hostages were being held. 

Back at ISAF Headquarters in Kabul, General Allen and his British deputy, Lieutenant General Adrian Bradshaw, watched the operation unfold on television screens inside the main operations room in so that they could maintain “full situational awareness”. 

Just as the sun was beginning to set the British troops approached the cave where they believed Miss Johnston and Miss Oirere were being held. The SAS held their ground until their US colleagues reached their assault positions. It was vital for both attacks to be executed concurrently. Weapons and radios were given a final check and night vision goggles activated. Minutes later the Special Forces teams rescuers were given the order to assault. 

The soldiers moved into the darkness shooting dead the kidnappers with silenced weapons. Several were dispatched with a “double tap” the preferred method of killing - two bullets in the centre of the forehead. 

The US Special Forces cleared and secured their target, killing seven kidnappers in the process but no hostages had been found. 

Momentarily, the commanders were faced with the dreadful possibility that the four aid workers had been moved. Seconds later, however, the tension was broken when the SAS team commander’s radio crackled into life, reporting that all four hostage were alive and well, before adding that a further four kidnappers had been killed.

The dead were searched for intelligence and weapons while medics checked the four women to ensure that none had been injured during the brief firefight. 

Within minutes the helicopters were brought forward to a clearing near the edge of the forest where the four exhausted but relieved hostages were flown back to ISAF headquarters in Kabul. 

At 2 am British time Downing Street was informed that the rescue operation had been a complete success. The Prime Minister was woken at 2.15 am and was given the news. He stayed up until every member of the SAS was safely back in Kabul and spoke to several of the soldiers by phone praising their courage and thanking them for achieving a successful outcome.

Spokesman for the coalition forces, US Army Col. Cummings identified the kidnappers as "a criminal armed terrorist group closely tied to the Taliban and they were armed with machine guns, rocket-propelled grenades and AK-47s."

All military operations in Afghanistan, whether special or regular, are fraught with grave risk and uncertainty. This particular operation was ordered to be launched by the British Prime Minister fully aware that the outcome may not be entirely favourable. (Prime Minister Cameron had come in for sharp criticism when British Special Forces, the SBS was involved in an unsuccessful rescue of hostages in Nigeria in March 2012. Read the author’s post Having said that, the US and British Special Forces have during the course of the long war against Taliban and Al Qaeda have gained immense battle-field experience and sharpened their skills in one of the most adverse conditions and inhospitable terrains. Also many an operations having been conducted jointly, the co-ordination and interoperability between the two forces have been greatly enhanced. 

Another important factor contributing to the successful outcome of the mission, has been the unwavering policy of the United States, Britain and other Western nations of not giving into the demands of terrorists.

Thursday, May 31, 2012

FLAME: Cyber-Espionage Revolutionised

The recent discovery of a computer virus has confirmed fears that the world has entered a new age of cyber espionage and sabotage.

Security experts discovered a highly complex computer virus, referred to as super virus, in Iran and other states of the Middle East which they believe was deployed at least five years ago to engage in espionage and the prime targets so far have been energy facilities. There is purportedly evidence to suggest that the virus named FLAME may have been commissioned by or on behalf of the same nation or group of nations that commissioned the STUXNET worm responsible for attacking Iran’s nuclear programme in 2010.

It is the third cyber attack weapon targeting systems in the Middle East to be exposed in recent years. 

Iran has alleged that the West and Israel are orchestrating a secret war of sabotage using cyber warfare and targeted assassinations of its scientists as part of the dispute over its nuclear programme. The suspicion is that, it is Israel’s crack Unit 8200 which possibly developed this cyber espionage tool.

Stuxnet attacked Iran's nuclear programme in 2010, while a related programme, Duqu, named after the Star Wars villain, stole data. Unlike the Stuxnet virus, which attacked an Iranian enrichment facility, causing centrifuges to fail, Flame does not disrupt or terminate systems. Flame can gather data files, remotely change settings on computers, turn on computer microphones to record conversations, take screen shots and copy instant messaging chats. Experts describe it as a multitasking mole. It can wipe data off hard drives, but also be a tireless eavesdropper by activating audio systems to listen in on Skype calls or office chatter. It also can also take screenshots, log keystrokes and - in one of its more novel functions- steal data from Bluetooth-enabled mobile phones.

Kaspersky Labs said the programme appeared to have been released five years ago and had infected machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
"If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don't know about," Roel Schouwenberg, a Kaspersky security senior researcher, said. 

Professor Alan Woodward from the department of computing at the University of Surrey said the virus was extremely invasive. It could "vacuum up" information by copying keyboard strokes and the voices of people nearby. 

The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. Iran's output of uranium was suffered a severe blow as a result of the Stuxnet activities. In fact, the Flame malware is much larger than Stuxnet and is protected by multiple layers of encryption.

Schouwenberg said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu hinting thereby that Israel and/or the United States were the brains behind the virus.

Iran's Computer Emergency Response Team said it was "a close relation" of Stuxnet, which has itself been linked to Duqu, another complicated information-stealing virus which was believed to be the work of state intelligence. 

It said organisations had been given software to detect and remove the newly-discovered virus at the beginning of May. 

Crysys Lab, which analyses computer viruses at Budapest University said the technical evidence for a link between Flame and Stuxnet or Duqu was inconclusive. 

The newly-discovered virus does not spread itself automatically but only when hidden controllers allow it. 

Unprecedented layers of software allow Flame to penetrate remote computer networks undetected. 

The file, which infects Microsoft Windows computers, has five encryption algorithms, exotic data storage formats and the ability to steal documents, spy on computer users and more.
Components enable those behind it, who use a network of rapidly-shifting "command and control" servers to direct the virus, to turn microphone into listening devices, siphon off documents and log keystrokes. 

Eugene Kaspersky, the founder of Kaspersky Labs, noted that "it took us 6 months to analyse Stuxnet. [This] is 20 times more complicated". 

Once a machine is infected additional modules can be added to the system allowing the machine to undertake specific tracking projects. 

Flame uses at least 80 different servers and domain names to relay its data back home, so it is extremely difficult to track usage and where the information is transferred.

As has been stated, none of the experts in the field are willing to state on record as to who could be behind this complex super virus. Speculation has been that either Israel or Israel in conjunction with the US could possibly have developed this deadly programme. Israel has the necessary expertise in developing tools of cyber espionage and cyber warfare. Unit 8200 (Unit Eight Two-hundred) (or shmone matayim in Hebrew) referred to earlier is an Israeli Intelligence Corps unit, responsible for collection of signal intelligence and code decryption. It is also known in military publications as the Central Collection Unit of the Intelligence Corps. This Unit is alleged to have developed the computer worm Stuxnet which targetted the Iranian nuclear programme in 2010.

Israel is the master of cyber warfare. If Israel has been responsible for launching Flame using gaming code, then certainly Israel has revolutionized espionage by going high tech, obviating the necessity of sending in human agents. At this point of time one can only speculate as to how Israel might 'successfully' disable Iran’s nuclear enrichment program and its economy with greater dexterity than the bludgeon of more legislated 'tougher sanctions' or a conventional military strike. 

Cyber-snooping has indeed been revolutionised with the introduction of this new virus.