In one of the most glaring intelligence failures, spy agencies of the United States, Britain and India failed to join the dots gathered after their high-tech surveillance which could have averted the 26/11 Mumbai terror attacks, an investigative report said.
A detailed report by the New York Times, ProPublica and the PBS series 'Frontline' titled In 2008 Mumbai Killings, Piles of Spy Data, but an Uncompleted Puzzle said "that hidden history of the Mumbai attacks reveals the vulnerability as well as the strengths of computer surveillance and intercepts as a counter-terrorism weapon."
"What happened next may rank among the most devastating near-misses in the history of spycraft. The intelligence agencies of the three nations did not pull together all the strands gathered by their high-tech surveillance and other tools, which might have allowed them to disrupt a terror strike so scarring that it is often called India's 9/11," said the lengthy report.
Citing classified documents leaked by Edward Snowden, the former National Security Agency contractor, it said although electronic eavesdropping often yields valuable data, even "tantalising" clues can be missed if the technology is not closely monitored, the intelligence gleaned from it is not linked with other information, or analysis does not sift incriminating activity from the ocean of digital data.
The report said Indian and British intelligence agencies monitored online activities of Zarrar Shah, a key 26/11 planner and the technology chief of Pakistan-based Lashkar-e-Taiba (LeT) terror group, "but couldn't connect the dots" before the attacks that killed 166 people, including six Americans.
In the fall of 2008, Shah "roamed from outposts in the northern mountains of Pakistan to safe houses near the Arabian Sea, plotting mayhem in Mumbai, India's commercial gem."
He was, however, unaware that by September, the British were spying on many of his online activities, tracking his internet searches and messages, the report said.
"They were not the only spies watching. Shah drew similar scrutiny from an Indian intelligence agency," it said, citing a former official briefed on the operation.
While the US was unaware of the two agencies' efforts, it had picked up signs of a plot through other electronic and human sources, and warned Indian security officials several times in the months before the attack, the report said.
Routing calls through US
The Pakistan-based LeT's technology chief had posed as an Indian businessman while negotiating to buy from an American company a Voice-over-Internet Phone service that was later used by the LeT handlers to communicate with 26/11 attackers while concealing their actual origin.
Shah, a 30-year-old computer expert, had set up an internet phone system to disguise his location during the 26/11 attacks by routing his calls through New Jersey.
The report said that Shah contacted the New Jersey company, "posing online as an Indian reseller of telephone services named Kharak Singh, purporting to be based in Mumbai".
"His Indian persona started haggling" over the price of the VoIP that had been chosen because it would make calls between Pakistan and the terrorists in Mumbai appear as if they were originating in Austria and New Jersey, it said.
"its not first time in my life i am perchasing in this VOIP business," (sic) Shah said in shaky English, to an official with the company when he thought the asking price was too high, according to British intelligence documents quoted in the report.
"I am using these services from 2 years."
Shah had set up the VoIP service through the New Jersey company, ensuring that many of his calls to the terrorists would bear the area code 201, concealing their actual origin.
In November 2008 however, the company's owner wrote to the fictitious Indian reseller Singh, complaining that no traffic was running on the digital phone network.
"Dear Sir, I will send trafic by the end of this month," (sic) Shah said in his ominous reply.
In a plan to pin the blame on Indian Muslims for the attacks, Shah had typed a statement of responsibility for the attack from the Hyderabad Deccan Mujahadeen — a fake Indian organisation.
Early on November 26, Shah emailed a draft of the phony claim to an underling with orders to send it to the news media later, according to American and Indian counter-terrorism officials.
The report described Shah as a "digitally savvy operative" who had "strong ties to Pakistani intelligence and an intense hatred for India."
"As he made his plan, he searched on his laptop for weak communication security in Europe, spent time on a site designed to conceal browsing history, and searched Google News for "indian american naval exercises" — presumably so the seagoing attackers would not blunder into an overwhelming force," it said.