On the evening of November 26, 2008, a sixty-nine-year-old man checked into room 632 at the luxurious Taj Mahal Palace hotel in Mumbai, India. The guest, K. R. Ramamoorthy, was visiting from Bangalore on a routine business trip. Little did he know that his life was about to change forever.
At about 11:00 p.m., Ramamoorthy heard a brief commotion outside his door, then suddenly a knock. “Room service,” a voice said. Ramamoorthy knew he had not ordered any food and sensed something was gravely wrong. He attempted a retreat to the bathroom, accidentally bumping into the door. The noise gave away his presence inside the hotel room. The response was swift: a hail of bullets came flying through the door, obliterating the lock separating the businessman from the world outside.
Two heavily armed men forced their way into Ramamoorthy’s room, and in the blink of an eye he was beaten, stripped naked, and tied up in what would become the most terrifying night of his life. The men were from a Pakistani-based al-Qaeda–affiliated terrorist organization known as Lashkar-e-Taiba (LeT), and Ramamoorthy had unfortunately found himself at the center of the deadly 2008 terrorist siege on the city of Mumbai.
“Who are you, and what are you doing here?” his LeT captors demanded of him. “I’m just an innocent schoolteacher,” Ramamoorthy replied. Of course, the terrorists knew that no Indian schoolteacher could afford to stay in a suite at the city’s most opulent hotel. The terrorists located their hostage’s identification card on his bedside table and now had his true name, which they called in to their terrorist commanders on the satellite phone they had brought with them.
The LeT ops center receiving the call resembled any modern military command-and-control facility. From across the border in Pakistan, terrorist cell leaders tracked the progress of their attack on the people of Mumbai. They had carefully selected their targets, including two luxury hotels, a busy railway station, a Jewish community center, a popular tourist café, and even a women and children’s hospital. On the ground in Mumbai, terrorist operatives ruthlessly threw hand grenades at innocent people as they sat eating in cafés and gunned down unarmed civilians waiting to catch trains on their way home from work.
As the attacks unfolded, LeT commanders in Pakistan used their war room to carefully monitor the BBC, Al Jazeera, CNN, and local Indian TV stations to learn as much as possible about the progress of their operatives and the response of the Indian government. Regrettably, the terrorists did not limit their information-gathering operations to broadcast media; they also mined the Internet and social media in real time, to deadly effect.
When the terrorists holding Ramamoorthy phoned in his name to their Pakistani base, the ops center deftly conducted an Internet search on their hostage. Moments later, they had his photograph. Then his place of work. They learned Ramamoorthy was not an innocent schoolteacher as he claimed when pleading for his life but rather the chairman of one of India’s largest banks, ING Vysya. Based on the image they had found online, the terrorist commanders asked their operatives at the Taj Mahal Palace to compare the man before them with the photograph of the bank chairman located online:
Your hostage, is he heavyset?
Yes.
Is he bald in front?
Yes.
Does he wear glasses?
Yes.
“What shall we do with him?” asked Ramamoorthy’s captors. Moments later, the terrorist war room gave its reply: Kill him.
In an instant, a simple Internet search was all the terrorists needed to decide the elderly man’s fate. Though we may worry about advertisers and data brokers abusing our privacy settings on Facebook, the fact of the matter is that our openness can be used against us in ways worse than we had ever imagined. When we leak data, it’s not just captured by corporations or governments. Criminals and terrorists have access to our social data as well, and they are leveraging it with killer precision. In today’s world, a search engine can literally determine who shall live and who shall die.
The men who carried out that attack on Mumbai were armed with AK-47s and RDX explosives. Guns and bombs are nothing new in terrorist operations, but these LeT operatives represented a deeply disturbing new breed of terrorist. They had seen the future and leveraged modern information technologies every step of the way throughout their assault to locate additional victims and slaughter them.
When the attackers set out to sea from Pakistan under cover of darkness, they wore night-vision goggles and navigated to Mumbai using GPS handsets. They carried BlackBerrys containing PDF files of the hotel floor plans and used Google Earth to explore 3-D models of target venues to determine optimal entry and exit points. During the melee, LeT assassins used satellite phones, GSM handsets, and Skype to coordinate with their Pakistan-based command center, which monitored broadcast news, the Internet, and social media to provide real-time tactical direction to its ground assault team.
When a bystander tweeted a photograph of police commandos rappelling from a helicopter onto the roof of the besieged Jewish community building, the terrorist ops center intercepted the photograph, alerted its attackers, and directed them to a stairwell leading to the roof. The police, who had hoped to surprise the terrorists, instead found themselves ambushed inside the stairwell the moment they opened the door. When the BBC mentioned on air that witnesses had reported the terrorists were hiding in room 360 or 361, their war room phoned them immediately and told them to reposition themselves to avoid capture.
At every point during the siege, the LeT attackers exploited readily available technology to gain situational awareness and maintain tactical advantage over police and the government. They monitored the Internet and social media, gathered all available open-source data, and even mounted a sophisticated online counterintelligence operation to protect their operatives. Throughout their assault on Mumbai, the terrorists were so dependent on technology that numerous witnesses reported seeing LeT operatives shooting hostages with the guns in their right hands while simultaneously checking BlackBerry messages with their left.
Not only was technology crucial to the operational success of the siege, but as we learned in chapter 2, criminal abuse of technology also funded the attack. It was a Filipino hacking cell working on behalf of the al-Qaeda affiliate Jamaah Islamiyah that committed extensive cyber crime and online fraud to bankroll the LeT operation in India. The hackers funneled their millions in ill-gotten cyber gains back to their handlers in Saudi Arabia, who in turn laundered the funds and forwarded them to the Lashkar-e-Taiba team responsible for the brutal onslaught against the people of Mumbai.
In the end, it took police sixty-eight hours to end the siege on the city of Mumbai. Counterassault teams eventually killed nine of the terrorists and arrested the tenth. Shockingly, one of the innocents to survive the attack was K. R. Ramamoorthy. At the very moment the LeT command center had given the order to kill him, there was an explosion in the Taj Mahal Palace, which his attackers thought was the police closing in. As the terrorists ran to investigate, they gave Ramamoorthy the brief moment in time he needed to free himself and escape. Not so lucky were the 166 men, women, and children who lost their lives that day, as well as the hundreds more who were gravely wounded as a result of the carnage.
Let us pause for a moment to consider the implications of this terrorist assault. Ten men, armed not just with weapons but with technology, were able to bring a city of twelve million people, the fourth-largest metropolis on earth, to a complete standstill, in an event that was broadcast live around the world. The militants proved fully capable of collecting open-source intelligence mid-attack (traditional media, Internet, mobile, and social data) and using it for synchronous operational decision making. LeT simply processed the data the public was leaking and leveraged them in real time to kill more people and outmaneuver authorities. That was terrorism in the digital age circa 2008. What might terrorists do with the technologies available today? What will they do with the technologies of tomorrow? The lesson of Mumbai is that exponential change applies not just for good but for evil as well.
Goodman, Marc. Future Crimes (pp. 101-105). Knopf Doubleday Publishing Group. 2015, Kindle edition.
