Some thoughts on the HuJI & IM emails, and the on-going investigation.
Investigation into the heinous attack on the Delhi High Court that left 11 dead and several injured has begun. At the center of this investigation are two emails alleged to have been sent by Harkat ul-Jihad al-Islami (HuJI) and, subsequently, by the Indian Mujahideen (IM).
The email alleged to have been sent by HuJI was via Gmail. Based on this article by DNA, NIA and Delhi Police investigating the terrorist attack traced the email to a cybercafe in Kishtwar, Jammu and Kashmir. The owner of the cybercafe, Mehmood Khawja and two others are reportedly being questioned.
A couple of important points need to be noted about the ongoing investigation. First, Gmail is a free, web-based service provided by Google, whose mail servers reside in the U.S. As such, these mail servers and the data they contain are subject to U.S. law. In the event that the Government of India would need access to any of this information, it would need to make a formal request, justifying its need to access a third party’s data, to Google via the U.S. government 1. If this has indeed happened and has resulted in India obtaining data pertinent to this email, then it bodes very well for the Indo-US counter-terror cooperation.
This is especially impressive, since Indian investigators were able to gain access to the alleged HuJI mail account within the span of 3 hours (the email was sent 3 hours after the blast and investigators had access to the account’s password 3 hours subsequent to that, as indicated in DNA’s account). Now, it is entirely also possible that Indian investigators were able to guess the account’s password, but the gut feeling of this blogger is that the explanation provided by NIA and Delhi Police stretches credulity.
Next, Toral Varia, journalist with Rediff has a good comparative analysis of the emails sent by HuJI and IM to ones previously sent by these groups. The article points out discrepancies in typefacing and format — even spelling (the IM email misspelled mujahideen as “Muzahideen.”) — from threats previously received from these groups. Therefore, it would appear that these emails were sent by people who may have not had prior knowledge about a pending attack on Delhi High Court.
It must be noted that Indian Mujahideen has sent as many as five emails claiming responsibilities for various attacks. All the emails were drafted with precision using PDF files, various fonts and colours, Urdu script, a proper signature, a well researched list of recipients, and sent minutes after a terror attack was executed. All the mails were signed by ‘Al ARBI.’
Content for the Indian Mujahideen mails was usually written in impeccable English, interspersed with the verses from the holy Koran, a picture of the Gujarat carnage, references to ‘atrocities on Muslims’ amongst other inflammatory literature.
However, one look at both the emails, that have been sent claiming and counter claiming responsibilities for Wednesday’s blast, and the first impression is that the mails have perhaps been sent by an amateur. [Rediff]
At the same time, it is also equally important to not discredit these leads based on prima facie evidence. Unfortunately, some TV news anchors are dismissing these emails as “prank emails.” It would be dangerous to categorize them as such. Now, the fact the senders of the HuJI email were traced down as quickly as they apparently were leads us to believe that the senders weren’t very technically adept.
Those who follow the modi operandi of jihadi groups know that the first rule that today’s terrorist learns is cyber cover and concealment. This might possibly indicate that the senders of the email were either not very well trained, or not directly linked to the perpetrators of the attack. However, this shouldn’t necessarily mean that these correspondences were “prank emails,” as the entire purpose of the emails might have been to deliberately mislead investigators.
Finally, we must recognize that we must give investigators the time and space to fully and thoroughly investigate the attack. Delhi Police has been (quite fairly) criticized for not learning from the lessons of the past and not taking the necessary precautionary measures to deter the attack. We also know all too well that not one terror attack in India since 2005 has been resolved. But at the same time, let’s not play judge, jury and executioner before we’ve given the NIA and DP the opportunity to investigate. In this regard, the media should take it upon itself to play a more constructive role.