In 2008 Mumbai Killings, Piles of Spy Data, but an Uncompleted Puzzle
In the fall of 2008, a 30-year-old computer expert named Zarrar Shah roamed from outposts in the northern mountains of Pakistan to safe houses near the Arabian Sea, plotting mayhem in Mumbai, India’s commercial gem.
Mr. Shah, the technology chief of Lashkar-e-Taiba, the Pakistani terror group, and fellow conspirators used Google Earth to show militants the routes to their targets in the city. He set up an Internet phone system to disguise his location by routing his calls through New Jersey. Shortly before an assault that would kill 166 people, including six Americans, Mr. Shah searched online for a Jewish hostel and two luxury hotels, all sites of the eventual carnage.
But he did not know that by September, the British were spying on many of his online activities, tracking his Internet searches and messages, according to former American and Indian officials and classified documents disclosed by Edward J. Snowden, the former National Security Agency contractor.
They were not the only spies watching. Mr. Shah drew similar scrutiny from an Indian intelligence agency, according to a former official briefed on the operation. The United States was unaware of the two agencies’ efforts, American officials say, but had picked up signs of a plot through other electronic and human sources, and warned Indian security officials several times in the months before the attack.What happened next may rank among the most devastating near-misses in the history of spycraft. The intelligence agencies of the three nations did not pull together all the strands gathered by their high-tech surveillance and other tools, which might have allowed them to disrupt a terror strike so scarring that it is often called India’s 9/11.
“No one put together the whole picture,” said Shivshankar Menon, who was India’s foreign minister at the time of the attacks and later became the national security adviser. “Not the Americans, not the Brits, not the Indians.” Mr. Menon, now retired, recalled that “only once the shooting started did everyone share” what they had, largely in meetings between British and Indian officials, and then “the picture instantly came into focus.”
The British had access to a trove of data from Mr. Shah’s communications, but contend that the information was not specific enough to detect the threat. The Indians did not home in on the plot even with the alerts from the United States.
Clues slipped by the Americans as well. David Coleman Headley, a Pakistani-American who scouted targets in Mumbai, exchanged incriminating emails with plotters that went unnoticed until shortly before his arrest in Chicago in late 2009. United States counterterrorism agencies did not pursue reports from his unhappy wife, who told American officials long before the killings began that he was a Pakistani terrorist conducting mysterious missions in Mumbai.
That hidden history of the Mumbai attacks reveals the vulnerability as well as the strengths of computer surveillance and intercepts as a counterterrorism weapon, an investigation by The New York Times, ProPublica and the PBS series “Frontline” has found.
Continue reading the main story
Although electronic eavesdropping often yields valuable data, even tantalizing clues can be missed if the technology is not closely monitored, the intelligence gleaned from it is not linked with other information, or analysis does not sift incriminating activity from the ocean of digital data.
This account has been pieced together from classified documents, court files and dozens of interviews with current and former Indian, British and American officials. While telephone intercepts of the assault team’s phone calls and other intelligence work during the three-day siege have been reported, the extensive espionage that took place before the attacks has not previously been disclosed. Some details of the operations were withheld at the request of the intelligence agencies, citing national security concerns. “We didn’t see it coming,” a former senior United States intelligence official said. “We were focused on many other things — Al Qaeda, the Taliban, Pakistan’s nuclear weapons, the Iranians. It’s not that things were missed — they were never put together.”
After the assault began, the countries quickly disclosed their intelligence to one another. They monitored a Lashkar control room in Pakistan where the terror chiefs directed their men, hunkered down in the Taj and Oberoi hotels and the Jewish hostel, according to current and former American, British and Indian officials.
That cooperation among the spy agencies helped analysts retrospectively piece together “a complete operations plan for the attacks,” a top-secret N.S.A. document said.
The Indian government did not respond to several requests for official comment, but a former Indian intelligence official acknowledged that Indian spies had tracked Mr. Shah’s laptop communications. It is unclear what data the Indians gleaned from their monitoring.