Chat facility in gaming apps now communication tool for terror groups: officials

Srinagar: Online war games akin to PUBG requiring chats with partners anonymous or otherwise have emerged as a key communication channel for terror groups and Pakistan’s ISI to convey messages to their recruits in Jammu and Kashmir, officials here said.

As terror groups operating across the border seek to bypass social media and conventional channels of communication and escape scrutiny by security agencies, it is a virtual battleground and in some cases a real one too. Four cases have been identified, the officials said.

In one case, an underage boy was being radicalised by his gaming partner sitting across the border. The boy was handed over to parents after proper counselling of the entire family.

The gaming chat applications allow players to communicate with each other in real time in the guise of playing online games, the officials explained without going into details of which game and how.

These applications, which facilitate voice, video, and text-based communication to enhance teamwork, strategy discussions and social interaction among players, are being used for different purposes, they said.

The prospective recruits are identified during playing.

The gaming applications have been increasingly incorporating encryption to protect user communications but the level of security varies widely. So, some games use basic encryption for in-game voice chat and others offer more robust end-to-end encryption for text and voice. There are also applications that allow for self-destructing messages.

Though several of these gaming applications are banned in India, they are downloaded using Virtual Private Network (VPN) illegally. A VPN creates a secure and encrypted connection over the internet by masking Internet Protocol addresses and encrypts online traffic, making it more difficult to track online activity and access data.

In the past, messaging platforms like WhatsApp were delinked by terror groups and their handlers from Pakistan and they switched to other applications to communicate with each other. The included one developed by a Turkish company that is being used by terror group handlers and their prospective recruits in the Valley, the officials said.

The new applications have the ability to work with the slowest internet connections where Enhanced Data for Global Evolution (EDGE), used in the late 2000s, or 2G is in operation.

The Central government had suspended internet across Jammu and Kashmir after the abrogation of the special status of the erstwhile state on August 5, 2019.

All encryption and decryption happen directly on the devices, therefore reducing third party intervention at any point. These new apps use encryption algorithm RSA-2048 which was adopted as the most secure encrypted platform, officials said.

RSA is an American Network Security and Authentication company founded in 1982 by US-born Ron Rivest and Leonard Adleman and Israeli-born Adi Shamir. The acronym RSA is used worldwide as the foundation key in the cryptosystem.

One new messaging app used by terrorists to radicalise youth in the Valley does not even ask for phone numbers or emails, therefore enabling complete user anonymity, the officials said.

The latest challenge in tracking terror activity comes just as security agencies in the Valley are fighting the menace of virtual SIM cards. Terror groups have been increasingly using these to connect with their handlers in Pakistan. Virtual SIM cards are generated by a service provider based in a foreign country.

In this technology, the computer generates a telephone number and the user needs to download an application from the service provider on his or her smartphone to use it.

The penetration of this technology came to light in 2019 when a request was sent to the United States to seek details from a service provider of virtual SIMs used by a Jaish-e-Mohammed suicide bomber in the attack on a CRPF convoy in Pulwama that left 40 personnel dead.

A detailed probe by the National Investigation Agency and other security agencies indicated that over 40 virtual SIM cards were used in the Pulwama attack alone. There are probably many more floating in the Valley's cyberspace, the officials said.