Digital technologies are both a bane and a boon and Indian sleuths are finding it difficult to monitor and control their use by nefarious elements and terror groups
Ankita Lahiri | June 17, 2014
It’s easy to simplify the implications of an extortion call in exclusively human terms as chilling and threatening. Security agencies, however, are increasingly realising that an extortion call is a lot more complicated, involving masking technologies that are cutting-edge and complex. “In one case a rich businessman got an extortion call from abroad. After tracing it we figured out that it was a Voice over Internet Protocol (VoIP) call. Only on closer investigation did we figure out the server through which the call was being routed. Despite our best efforts we could never find out from which computer the call was made,” said a senior police officer. The Indian security forces are always expected to stay a step ahead of the criminals, yet are often literally outgunned in the cyberworld by technologies that are supposed to help them, but can also be used for nefarious activities. Governance Now looks at some of the technologies that are giving security forces a nightmare.
Encryption as a technique has been in existence for close to four decades. Yet every time the Indian security forces catch up with the latest trends, technological advancements would make encryption tougher to decipher and crack.
“To communicate with one another the Maoists would use a code known as one-time pad. It is a code that is virtually impossible to break. They would select a specific page from a specific book and using the words from that page the message would be encoded. Both the parties would have knowledge of the selected text beforehand. By the time we would break the code, it would be useless,” said a retired intelligence officer, highlighting the demanding task that’s in front of our security establishment. Encryption has been used for communication through the earliest walkie-talkie to the highly sophisticated satellite phones.
Talking about the history of the coded message, VK Mittal, former senior scientist, NTRO, said, “The earlier messages would be in a simple sub-cipher method where the letter A would be replaced by the letter Z and so on. With digitisation, the whole process has become impossible to break because the encryption keys are generated automatically.”
With the proliferation of the internet there are many free software programmes that let a common user encrypt everything. With constant upgrades in mobile phone applications, SMS encryption has also picked up over the years.
Citing an episode from a few years back, an official with one of the central intelligence agencies said, “We had been monitoring communication between militant groups and we recovered hundreds of SMSes. Initially they did not really mean anything. For example, one SMS would say ‘Sheikh Abdul bimaar hai’. This would be followed by a similar message a few days later. However, we received an input from another agency asking us to look at the SMSes closely. On investigation we found that the first message would be the username of an email id and the message that would follow would be the password.”
Steganography
It’s a component of encryption. Steganography refers to the method of concealing a message within an image. In order for this method to work, the image has to be digitised first and then the message hidden.
“The message can be hidden anywhere in the millions of bits of the image,” mentioned a source. He recalled a case wherein the intelligence agency recovered numerous images of beautiful models, including those of Claudia Schiffer and Kate Moss. On analysing these images, hidden messages were discovered.
In the last 20 years the government has spent over Rs 3,000 crores in developing cipher capabilities. Yet the success rate of encryption cases is ‘as low as 0.001 percent’, with security forces finding it extremely difficult to intercept the messages in the first place. “The main issue is not on how to monitor but what to monitor,” said Mittal. There are trillions of data points available for analysis and decoding. “We have no prior intelligence regarding what to look for. We do not know if it will be readable or not. Blanket cyber patrolling is not possible,” explained Mittal.
Voice over Internet Protocol (VoIP)
Voice over Internet Protocol (VoIP) came into the limelight after the 26/11 Mumbai attacks, when the intelligence agencies discovered how terror groups were using it to communicate their plans in a secure manner. Discussing the nature of VoIP, an official working with the National Investigation Agency (NIA) said, “The communication system in VoIP uses peer-to-peer networking to make calls directly.
In most cases the service provider, based in a foreign country, refuses to cooperate. To get inputs from service providers, we have to fight a separate legal battle.” The official from NIA explained that, with VoIP, information is not stored on servers. The service providers only keep track of the call logs. The content is not stored with them. “We are interested in the content of the packet data. However, the service providers ask for confidential details before they give us the call details,” he said. Another top level law enforcement official said, “VoIP calls usually come with a four-digit number. That is the hardest thing to trace.”
4G Satellite Phones
The fourth generation satellite phone has landed the Indian security forces with a double whammy. With the 4G phone the intelligence agencies not only have to tackle encryption but also interception.
“It is virtually impossible to decode the encrypted messages that pass through the 4G satellite phones,” said Mittal. One example of this technology is the Thuraya satellite phones. Made by a company of the same name based out of the UAE, the phone is used for communication across the border. The technology, however, comes with its own set of advantages for the security forces.
“Whenever a call was made it would appear with the latitude and longitude of the sender. On intercepting the device we would get the precise location as accurate as the last 10 minutes,” said an intelligence official. Several terror organisations have woken up to this flaw and are now using a method known as ‘location spoofing’. “Let’s say the sender is sitting in Germany,” explained a source. “Location spoofing would allow the user to communicate from Germany, while showing his location origin as India.”
Social media monitoring has been a problem for the intelligence agencies for the last few years. The medium’s popularity, clubbed with jurisdiction issues, has meant that the intelligence agencies have had little control over social media platforms and content.
Giving an example from a case, an official within the Delhi Police said, “The police had no idea about the flash mobs that were gathering across the city. Social media monitoring is posing a major challenge for us.”
Intelligence agencies have been struggling to deal with cyber forensics for social media in the last decade, especially with the quantum leap in technologies in recent years. The senior Delhi Police official explained that the range of messaging applications on mobile phones, such as WhatsApp, combined with the data being hosted on servers abroad, has caused a serious problem for policing agencies.
Recovering deleted data is a specialised area of operation requiring specific skills and expertise. Talking about recovering deleted data from the multiple flash chips, the NIA official said, “To recover overwritten data from these drives is almost impossible.
Tools are being developed to recover deleted data from these chips but to recover overwritten data is very difficult.” Another difficulty with this technology is the process of wiping, which makes the data on the drive unreadable.
“Even when we delete data it remains in the drive in the 0-1 form. We can make out some form of the data. With the process of wiping, we are replacing all the binary data with one uniform garbage value. It is basically overwriting all the data with 1s or 0s. Nobody has been able to crack it,” the official added.
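The contrast the official draws between deleted and wiped data, as an added example (not from the article or any agency tool): Python code that scans a raw image for uniformly filled regions and carves readable strings from whatever is left. The block size, the function names and the sample image are constructed assumptions.

```python
import re

BLOCK = 512  # assumed block size for this example

def label(block: bytes) -> str:
    """Label a block 'uniform-0xNN' if every byte has the same value, else 'data'."""
    if block.count(block[0]) == len(block):
        return "uniform-0x%02x" % block[0]
    return "data"

def scan(image: bytes, block: int = BLOCK):
    """Merge consecutive same-label blocks into (offset, length, label) runs."""
    runs = []
    for off in range(0, len(image), block):
        chunk = image[off:off + block]
        lab = label(chunk)
        if runs and runs[-1][2] == lab:
            runs[-1] = (runs[-1][0], runs[-1][1] + len(chunk), lab)
        else:
            runs.append((off, len(chunk), lab))
    return runs

def carve_strings(image: bytes, offset: int, length: int, min_len: int = 8):
    """Recover printable ASCII runs from a region, as a string carver would."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    region = image[offset:offset + length]
    return [m.group().decode("ascii") for m in pattern.finditer(region)]

def build_sample() -> bytes:
    """Constructed image: deleted-but-intact records, then two overwritten regions."""
    records = b"".join(b"record %04d: sample payload\n" % i for i in range(40))
    deleted = records[:2 * BLOCK]       # file entry gone, content still on disk
    zero_wiped = b"\x00" * (4 * BLOCK)  # overwritten with 0s
    one_wiped = b"\xff" * (2 * BLOCK)   # overwritten with 1s
    return deleted + zero_wiped + one_wiped

if __name__ == "__main__":
    image = build_sample()
    for offset, length, lab in scan(image):
        found = carve_strings(image, offset, length)
        print(f"{offset:6d} +{length:5d} {lab:13s} strings={len(found)}")
```

A uniform run is an indicator to record in the examination notes rather than proof of wiping, since space that was never written can look the same.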
Mobile phones are proving to be the biggest headache for security agencies. With several kinds of smartphone applications in operation, the intelligence agencies have no control over who has access to data.
“What do you think happens to all the data? All the data goes to a third party. WeChat is run by a Chinese company which has its headquarters in the Guangdong province. That is also known as the cyber espionage headquarters of China. They are giving you the services and accessing all your data. With smartphone applications privacy has become an issue,” said an intelligence official.
Extracting data from a Chinese handset is also a problem for the forensic teams. The known software programmes do not apply to the Chinese phones. Currently the Indian security forces are using a software programme known as ‘Tarantula’ which works only on some of the Chinese handsets.