The threat of online terror

The threat of online terror

In the aftermath of the Delhi blasts and growing public pressure on the government about its role in fighting terrorism in the country, a task force has been set up under a retired joint intelligence committee chief to prepare a blueprint for the revamp of the intelligence agencies in the next six months.

This follows the special meeting of the Union cabinet where some proposals regarding revamping of technical intelligence gathering were taken up. The issue is: Why does the government take steps only after such incidents and why are routine intelligence capabilities not bolstered?

In India, the work space of the Intelligence Bureau (IB) and the Research and Analysis Wing (RAW) is fairly well demarcated, with the former concentrating on internal matters and the latter reporting on external issues. At various times criticism has erupted about the shortcomings in their functioning. The Rabinder Singh spying episode in RAW was one example.

There have been whispers earlier that both organizations be merged so that a common national intelligence entity is realized. Such murmurs are being heard once again.

After the Kargil review committee report was submitted in January 2000, four task forces were set up to look into restructuring the security and intelligence apparatus in the country. Their reports were comprehensive and, based on one of them, a technical intelligence organization, the National Technical Facilities Organization (NTFO), now called the National Technical Research Organization, or NTRO, was set up in 2004. Its mandate was to go into all aspects of intelligence gathering and a major portion of its work was to be in the areas of telecom and Internet surveillance.

However, NTRO never got the right mix of the technical infrastructure and manpower needed to handle Internet traffic that mattered in terms of national security. With data traffic increasing every day, a right set-up is required to fulfil its mandate.

High on its agenda was to be what is known as managed security services, whereby it could reasonably follow the Internet traffic and based on parameters, pick up patterns and trends, generate the right level of threat analysis and offer suitable alerts to national institutions and the cyber community alike.

Little has been realized in all these years to make it the technical backbone of cyber intelligence gathering in the country.

With emails accompanying terror attacks in Ahmedabad and Delhi and the meticulous planning with which these emails were sent, the government should make the right investment in NTRO, or even for that matter in IB, so that there’s no mismatch between our digital progress and the capabilities of our intelligence and law enforcement forces to support national needs.

Ideally, there should be a healthy policy effort to augment NTRO as the national technical backbone on which civilian and defence intelligence agencies can depend. The public interface should be the computer emergency response team (Certin) under the ministry of communications & information technology (IT).

Certin’s present role will be more effective if it is able to build a more public responsive agency instead of developing and improving its own network monitoring set-up.

Amendments to the Information Technology Act, 2000 (IT Act), could see a defined role for NTRO and Certin.

However, what is to be expected from the revised IT Act is a definition of the national critical infrastructure and a policy to protect it. NTRO should be made the nodal agency for protecting such infrastructure. Efforts must be made to get the best support from the private sector in this field and both NTRO and Certin should build a healthy public private partnership in the shortest possible time.

Cyberspace is now prone to greater abuse and many such incidents of abuse have serious national security implications. Unless the intelligence infrastructure is able to handle this huge transnational space, the nation would be always found reacting and not being proactive.