Myopic Netra: why the new system has failed to deliver

A new, ambitious internet monitoring system has failed to deliver due to lack of expertise in decryption

Pratap Vikram Singh | February 2, 2015




Security agencies are handicapped in keeping an eye on the internet. No Indian agency – either civilian or military – has the ability to intercept the encrypted traffic which flows in and out of the country. In January 2014, the government introduced an internet monitoring system, called Network Traffic Analysis aka Netra, for capturing dubious traffic flowing through the internet service providers.

The agencies claimed that Netra would be able to identify keywords like ‘bomb’, ‘attack’ and ‘kill’ used on social media sites, emails, chats, instant messaging, internet calls, blogs, etc. It turns out that the agencies go blind when it comes to traffic flowing on sites where data is encrypted, like Gmail, Facebook, Twitter, WhatsApp, and Yahoo (partly).

The watchful eye

Netra was developed by the Bengaluru-based Centre for Artificial Intelligence and Robotics (CAIR), a laboratory under the defence research and development organisation (DRDO). The government provided this tool to the cabinet secretariat, intelligence bureau and anti-terror bodies of state police forces. Agencies like the enforcement directorate, directorate of revenue intelligence and signals intelligence are said to be using Netra.

Netra is believed to be part of the central monitoring system, which provides for telephonic and internet related communications. It is being deployed by the centre for development of telematics (CDOT). The monitoring, however, has not fetched results so far.

Typically, the internet service providers have gateways to pass traffic flowing through internet lines at city, state and national levels. To intercept this data it is mirrored in a separate server in real time and analysed for keywords. The interception system decodes the filtered information and presents it in a readable format.

Since Netra ‘probes’, the monitoring tool deployed at gateways, cannot decrypt the encrypted data, the whole exercise becomes pointless.

The agencies find themselves helpless in case of internet calls, where data is encrypted. Calls made through voice over internet protocol (VoIP) are also difficult to trace, as the procedure for tracing them is long and cannot be done in real time.

All this owes to the country's poor expertise in cryptology. Agencies can only request service providers like Google, Facebook and Twitter, who have US-based servers, to provide communication details. A few agencies are learnt to have some ‘arrangements’ with their US counterparts, and sometimes they succeed in obtaining data. It is not without reason that the national security agency (NSA) of the US is said to be the top recruiter of mathematicians, who help it in enhancing its cryptography expertise, said a senior official who has served at central intelligence organisation.

The Indian communications interception system is also inadequate as agencies don’t have enough high-end hardware and software.

One of the ways to monitor the internet is to intercept at the national gateway, where undersea cables enter the geographical boundary. The information flowing in the form of IP packets through internet cables carries huge volumes of data, running into several terabits and petabits. The agencies are not equipped to deal with such mammoth data. Several experts Governance Now spoke to believed that law enforcement agencies (LEAs) have not kept up with advances in communication technologies.

It is important to note here that the agencies have adequate resources to monitor the GSM traffic – calls made through mobile phones. It could be done centrally, said Dr Arvind Chaturvedi, additional SP, special task force, Uttar Pradesh police. One need not be present physically to tap a phone call.

The Uttar Pradesh police, however, is not using Netra; it is using a solution developed by a US-based agency. It is also facing the same encryption challenge as in the case of Netra.

Surveillance – an uphill task

VK Mittal, a former senior scientist with NTRO, said none of the central intelligence and investigation agencies have the manpower and (technical) resources to keep a watch over the internet. Communication technology has become too complex to be managed by the existing expertise, he added.

“A committee was formed in 1995 to set up a lab (CAIR) for devising a cyber interception system. Later, the DRDO was also tasked with developing an internet monitoring system. It has been more than two years and we have still not progressed much,” Mittal said.

Additionally, one can search for a number of spoofing and encryption software tools freely available on the net. They can be easily downloaded onto computers and mobile phones and used for making calls and sending messages which can’t be traced by the intelligence agencies. Both Chaturvedi and Mittal believe no Indian agency has the expertise to deal with these new applications.

The officials also think that agencies are not even exploring and analysing information available in the public domain, including social media sites, referred to as open source intelligence (OSI). Analysis of this information is not appreciated by the LEAs.

Ironically, it is one of the most common tools used by businesses for targeting their products and services. Messages posted on social media sites are analysed to ascertain public mood and sentiments under OSI.

Applications meant for extracting data, called web crawlers, are deployed to source data from social media and other websites. Crawlers also extract data for specific keywords. This information is then analysed and aggregated into actionable input.

Twitter provides ‘firehose access’, an analysis of tweets, sentiment, key influencers, trend, geolocation, profile and clout score of users on subscription basis. “Media agencies and multinational brands subscribe to this service to strengthen their products and customer base,” said Tarun Wig, consultant, INNEFU, a Delhi-based company providing cyber security and open source intelligence solutions.

“The agencies don’t take social media seriously. They don’t have tools for open source intelligence,” said a senior official with another organisation which provides cyber forensics and communications technologies.

“For police, social media is another beat. Nonetheless, it is still not a priority for the law enforcement agencies,” said Muktesh Chander, special commissioner of police, Delhi police. He has also served as director at NTRO.

During a recent visit to NTRO, Ajit Doval, national security advisor, instructed formation of a joint working group committee comprising members of IB and NTRO for cyber monitoring. Several such committees have been formed in the last 10-12 years and nothing has come out, Mittal said.

There is also an issue of coordination and data sharing between Indian LEAs and foreign agencies. A New York Times investigation, quoting reports leaked by ex-NSA agent Edward Snowden, showed that the 26/11 Mumbai attack could have been averted had Indian, US and British agencies shared computer data sourced by these agencies.

In August 2012, fake messages and pictures related to Assam violence were circulated. This led to an exodus of people belonging to the northeast from Bengaluru and Pune. A video of the lynching of a couple of youths, apparently shot in Pakistan, went viral on WhatsApp during Muzaffarnagar communal violence. It was used to aggravate hatred against Muslims. Also, online propaganda came to light when a British news channel exposed a Bengaluru-based techie, Mehdi Masroor Biswas. He ran the Twitter handle @ShamiWitness, which had nearly 18,000 followers, some of whom were like-minded IS sympathisers in Europe and West Asia. By the time agencies responded in all these cases, the damage was already done.

What needs to be done?

It is imperative to improve coordination between Indian agencies and their foreign counterparts. Equally important, said Atul Gupta, partner, IT advisory, KPMG, is enhancing the skillset of LEA officials to keep pace with changing technologies.

A national cryptology centre is also needed. This will not only help the security establishment, but also strengthen the e-commerce ecosystem.

Also, there is an immediate need to curb the brain drain from DRDO and CAIR. Since financial compensation in the government is too low in comparison to the private sector, youngsters do not stay beyond two years in these organisations, explains Gupta.

pratap@governancenow.com

(The story appeared in February 1-15, 2015, issue)
