Tech no prisoners

Since Indian intelligence agencies have become quite expert in tapping cellular phones and tracking calls originating from neighbouring countries, terrorists have increasingly relied on e-mail to communicate and coordinate attacks. After some terrorists were caught in the late 1990s after the e-mails they had sent were intercepted, they have adopted a different strategy.

A group of terrorists create a throwaway webmail address on Hotmail or Yahoo and agree on a password. They then disperse to different cities. When they need to communicate, the sender logs in, types his message, but instead of e-mailing it, he saves it in the ‘drafts folder’. The intended recipient, in a different city, logs in with the same password and reads the saved message. Since no internet traffic is generated at all, there is nothing to intercept at the ISP’s (Internet Server Platform) server.

It is a Herculean task for the intelligence agencies to monitor every webmail address that has been created — especially one from where no messages are sent or received — and to crack its password. Several terror groups are also reported to have used steganographic techniques since the late 1990s. Steganography is the science of embedding hidden messages in video, audio or picture files.

Even the most meticulous forensic work by intelligence agencies can come to naught since all types of digital evidence are extremely easy to fabricate and plant on a suspect. A good defence lawyer can always state that the evidence was fabricated, and it would be almost impossible for the prosecution to prove, beyond reasonable doubt, that the digital evidence was not fabricated.

With IP (Internet Protocol) telephony, it is easy to fabricate or spoof the sender’s calling number. In many IP phone systems, the caller can enter any number that he likes as the calling number to show up in the receiver’s CLI (Calling Line Identification). In the past few years, many Indian telecom operators have been misusing this facility to pass off incoming calls originating from overseas as domestic calls to avoid paying settlement fees and access deficit charges. This caused alarm among Indian intelligence agencies that the foreign callers would be impossible to trace with legal standards of certainty.

Many of you would have received calls where the Clip (Caller Line Identification Presentation) just shows +301 as the calling number. In some of the newer cellular phones, it is possible to fabricate or edit SMSs and claim that they were sent by a particular party. This was not easy to do in the earlier generation of phones. The method of doing this is as follows:

Copy all the SMSs from the cellular phone to a computer.

Edit the SMSs in the computer using any text editor. Even the time and originating number can be changed.

Erase the SMSs from the phone and reset it to its factory settings using the CD that came with the phone.

Copy back the altered SMSs from the computer to the cell phone.

This procedure is almost impossible to detect, and if the time and originating number are left unchanged, they will correlate perfectly with the server logs of the cell phone operator. So the recipient can allege that she received a threatening or obscene SMS from the sender, when she may in fact have received a benign one. It would be impossible for the accused sender to prove his innocence.

It is even easier for the sender of an SMS to hide his identity by using any of the hundreds of inexpensive or free e-mail-to-SMS gateways such as smsjunction.com or sms.ac. The sender can enter any e-mail address that he likes in the ‘Sender’s Field’. Digital photographs are extremely easy to morph or alter, with little chance of detection. Many forgers have been detected only because they made the human error of not making the lighting and brightness consistent across the fabricated photograph.

The Indian government has established a Computer Emergency Response Team (CERT-IN) in collaboration with CERT-USA. But its capabilities need to be developed greatly. The Home Ministry has also asked IIT, Kanpur, to develop an Internal Security Centre based on the US Homeland Security Department. This project comprises a huge computer network that will contain data on every individual in India, including his financial records and foreign visits, and it will search for any unusual or suspicious patterns of activities. In the meantime, the vigil continues.

Ravi V Prasad heads a group on C4ISRT (Command, Control, Communications & Computers Intelligence, Surveillance, Reconnaissance and Targetting) in South Asia.