Investigative Report Shows Wealth of Cyber-Espionage Failed to Prevent Mumbai Attacks

A widely publicized investigative report shows that intelligence agencies in three countries had a wealth of electronic data pointing to the 2008 terrorist attacks in Mumbai months before they occurred. Reactions on the part of the governments and intelligence agencies ranged from defensive to conciliatory.

“NSA did not have advance notice of the operational plan to attack Mumbai in November 2008,” was the simple response in an NSA statement to Hamodia. The statement also noted that much of the report was based on “stolen intelligence documents,” upon which they will not comment.

Using court testimony, classified documents disclosed by Edward Snowden, the infamous former National Security Agency contractor, and dozens of interviews with former American and Indian officials, The New York Times, Pro Publica (an independent electronic newsroom), and PBS worked in tandem to reveal the vast information that seemed to point to targets and methods used during the deadly assault.

“No one put together the whole picture,” Shivshankar Menon, who was India’s foreign secretary at the time of the attacks and later became the national security adviser, told interviewers. “Not the Americans, not the Brits, not the Indians. Only once the shooting started did everyone share” what they had, largely in meetings between British and Indian officials, and then “the picture instantly came into focus.”

The bloody attack began with the sea-landing of a team of 10 gunmen in the Indian commercial center of Mumbai. Their killing spree ultimately claimed 144 lives.

“Over the last six years, the intelligence community here in the United States has worked with all of our partners to make sure we’re best positioned to stop attacks like Mumbai before they ever happen again,” said State Department spokesperson Marie Harf at a press conference responding to issues raised by the Times article. “The intelligence community has improved coordination and intelligence sharing between our own agencies, between the intelligence community and law enforcement in the U.S., but also among our partners abroad.”

The report focuses on the cyber-movements of Zarrar Shah, the technology chief for Lashkar-e-Taiba, the Pakistani terrorist organization responsible for the strike. British espionage efforts began monitoring him as early as September 2008, over two months before the killers arrived in Mumbai.

Shah set up phone lines through a New Jersey-based company to make calls between the gunmen and the command center in Pakistan appear to be coming from a 201 area code. He told providers that he intended to start using the numbers at the end of November — the time of the massacre.

Records showed that Shah conducted extensive internet searches on “small-scale warfare, secret communications, tourist and military locations in India, extremist ideology and Mumbai.” He also researched the hotels and Chabad House ultimately attacked, as well as weather conditions and naval activity in the Arabian Sea — the main portion of the terrorists’ route to India.

When the time came to prepare the killers for their mission, Shah used Google Earth to familiarize them with their targets. Once in Mumbai, navigation software and the internet phone lines were used to guide the operation.

All this and more was picked up by monitoring efforts, mostly in Great Britain.

Several American and Indian officials told reporters that although incriminating data was in their possession, they were difficult to isolate and use amidst the sea of information that was gathered.

“Computer traffic only tells you so much. It’s only a thin slice,” said Mr. Menon, noting that the key is analysis, and “we didn’t have it.”

A key accusation of the report is that part of the failure to act on intelligence stemmed from a lack of coordination and information sharing between U.S., British and Indian agencies.

However, a British representative told the Times unequivocally that “if we had had critical information about an imminent act of terrorism in a situation like this we would have shared it with the Indian government. So the central allegation of this story is completely untrue.”

The Indian government, as well, issued a statement the day after the article’s release, denying that they possessed much of the knowledge referred to in the report before attacks commenced.

Another key point raised by the report is that governments failed to act on several direct warnings.

“The U.S. intelligence community — on multiple occasions between June and November 2008 — warned the Indian government about Lashkar threats in Mumbai,” Brian Hale, a spokesman for the director of the Office of National Intelligence, told reporters. “The information identified several potential targets in the city, but we did not have specific information about the timing or the method of attack.”

Additionally, the disgruntled wife of key plotter David Colman Headley told the U.S. government on three occasions that her husband was a “Pakistani terrorist conducting mysterious missions in Mumbai.”

The article does show that once the attacks were in progress, the vast electronic data gathered was helpful in identifying culprits and the workings of the terror network, but that before that it had just been “bits of information.”

“I would also say that I think that piece highlights the challenge of putting together all the puzzle pieces in a very complicated intelligence picture,” said Mrs. Harf, commenting further on behalf of the administration. “Often, intelligence is like trying to put together a puzzle without knowing what it’s supposed to look like at the end, not having all the pieces and having some that go to a different puzzle… So it’s a challenge that we confront every day, but our intelligence community, in the wake of Mumbai, has taken steps with our partners and here at home to really improve their ability to prevent these kinds of attacks.”

The investigation’s focus, the potential of electronic espionage, remains somewhat unclear. Some findings suggest that had data been properly analyzed, the horrific events possibly could have been prevented.

However, there is another clear voice from several interview subjects that the nature of cyber-spying is limited.

“They either weren’t looking or didn’t understand what it all meant,” one former American official who had access to the intelligence told reporters. “There was a lot more noise than signal. There usually is.”