Probing the Dark Net for Terrorists

The Indian intelligence agency are probing known modes of communication through the deep web. Looking into it, they are probing the dark corners of the Internet which allows these sympathizers to meet, reach, organize and attack. These new tools of closed user group interface, is the new mode of stealth communication. The same dark web is being intercepted for coded communications from terror modules like the one that attacked the Uri 12 Brigade military camp. In fact, IB had given specific input to the Brigade Commander on terrorist sightings across the LoC.


IB and RAW using a coordinated unit under the aegis of IB are monitoring this kind of traffic, namely ascertaining which site is part of which web, who is talking to whom, what kind of messaging and communication is doing the rounds, among other things. Rana Banerji, ex special secretary cabinet secretariat, one of the foremost minds on this subject told Financial Chronicle, “Agencies are sifting through communication across suspected sites and this goes beyond listening posts tuning into chatter, for it is the internet and its recesses which are proving to be far more dangerous vesting places.”



Former RAW chief A.S. Dulat speaking to FC said, “We are adequately prepared to deal with this menace. The

NTRO has a key role to play in this.” In fact, the secretive National Technical Research Organization directly under the National Security Adviser in the PMO is increasingly proving to be the minder of the deep and dark web using sophisticated monitoring equipment to ferret out the vital clues from both the dark and deep web, sharing resources with the IB-RAW on this sensitive beat.


D.C. Pathak, former director Intelligence Bureau told FC, “As the nation’s technical intel agency, NTRO tracks enemy activity in cyber space and also advises on critical information infrastructure protection which is now so important in the age of cyber warfare.” NTRO is particularly concerned with economic installations being attacked by unethical hackers like say the Indian power grid or a ‘spectacular’ attack on a refining complex or a nuclear site.


At almost 500 times the size of the surface web, the deep web’s potency as a communication tool with frightening implications is worrying for the agencies particularly because it cannot be indexed by regular search engines. To keep track of these browsers, new software is being created to stay ahead of the curve. In terms of indoctrination and recruitment, the Islamic State of Iraq and the Levant, also known as the Islamic State of Iraq and Syria, Islamic State, and by its Arabic language acronym, Daesh, which is a Salafi jihadist militant group that follows a fundamentalist Wahhabi doctrine of Sunni Islam has been at the vanguard of internet usage.


NTRO’s off-the-air GSM monitoring device code named Fox is capable of picking up signals between cellphones and mobile towers only within a radius of 2 km and has been used extensively in the Kashmir Valley.


The dark web is the encrypted network that exists between Tor servers and their clients, whereas the deep web is simply the content of databases and other web services that for one reason or another cannot be indexed by conventional search engines. What you want to access are sites using the Tor Hidden Service Protocol. It works over regular Tor (anonymity network), but instead of having your traffic routed from your computer and through an onion-like layer of servers, it stays within the Tor network.


It needs to be mentioned here that only deep web browser can help access the deep web. The most famous of these deep web browsers is called Tor and this is the one that is recommended if you’re looking to get onto the deep web. Downloads of Tor soared in August by almost 100 percent as the general population became more and more concerned about their privacy amid revelations about US and UK intelligence agencies monitoring web traffic.

The deepest layers of the Deep Web, a segment known as the “Dark Web,” contain content that has been intentionally concealed. The Dark Web can be defined as the portion of the Deep Web that can only be accessed through specialized browsers. A recent study found that 57 percent of the Dark Web is occupied by illegal content like pornography, illicit finances, drug hubs, weapons trafficking, counterfeit currency, terrorist communication, and much more. Probably the most notorious example of these activities can be seen in The Silk Road website. To access material in the Dark Web, individuals use special software such as Tor or I2P (Invisible Internet Project).


TOR was initially created by the U.S. Naval Research Laboratory as a tool for anonymously communicating online. It relies upon a network of volunteer computers to route users’ web traffic through a series of other users’ computers so that the traffic cannot be traced to the original user.

As another expert James Lewis has highlighted, “One of the characteristics of terrorist websites is their ability to manage rapid changes of internet addresses. When authorities force a site to move, informal networks based on chat rooms or e mail inform the group’s supporters of the new network address. The word of mouth system to distribute new addresses to audiences is very effective. It reinforces a sense of inclusion in the group and of success in defying the authorities.”


At the start of August, a whole bunch of hidden websites – some saying as many as 50% – completely vanished off the deep web and this was linked to the take down of a hosting operation in Ireland. The Irish Independent reported that the U.S. was seeking the extradition from Ireland of a man named Eric Eoin Marques, who is alleged to have been involved in distributing child pornography online.

Gabriel Weimann, Professor of Communication at the Department of Communication at Haifa University, Israel writes, “Following the November 2015 attacks in Paris, ISIS has turned to the Dark Web to spread news and propaganda in an apparent attempt to protect the identities of the group’s supporters and safeguard its content from hacktivists. The move comes after hundreds of websites associated with ISIS were taken down as part of the Operation Paris (OpParis) campaign launched by the amorphous hacker collective Anonymous. ISIS’s media outlet, Al-Hayat Media Center, posted a link and explanations on how to get to their new Dark Web site on a forum associated with ISIS.


The announcement was also distributed on Telegram, the encrypted communication application used by the group. Telegram is an application for sending text and multimedia messages on Android, iOS, and Windows devices.


Telegram is so confident of its security that it twice offered a $300,000 reward to the first person who could crack its encryption. The messages shared links to a Tor service with a “. onion” address on the Dark Web. The site contains an archive of ISIS propaganda materials, including its documentary-style film, The Flames of War. The site also includes a link to the terrorist group’s private messaging portal on Telegram.


Terrorists can use the Dark Web for fundraising, money transfers, and illegal purchase of explosives and weapons, using virtual currencies like Bitcoin and other crypto-currencies.