VPN Chaining Suspected in Hoax Bomb Calls on Flights, ‘Almost Impossible’ for Indian Agencies to Trace Exact Location
According to the initial investigation, the IP addresses were traced to European countries, but VPN chaining was suspected to have been used, making further tracing nearly impossible.

The hoax bomb calls that delayed over 90 flights in India over the past week have become a significant challenge for central cyber agencies.

According to a top-level official, the agencies have not been able to trace the actual Internet Protocol (IP) address from which the threats were issued. Additionally, officials involved in the digital investigation have stated that the accused are not the same in all cases. In one instance, a note written on tissue paper was found on an Udaipur-Mumbai flight. In other cases, threats were generated digitally. In some instances, threats were made through social media, while in others, emails were sent.

According to the initial investigation, the IP addresses were traced to European countries, but VPN chaining was suspected to have been used, making further tracing nearly impossible. Indian agencies are attempting to obtain details from VPN companies, and their response is awaited.

“Previously, VPNs were used by miscreants to send threat emails and messages. When we traced the IP address, we found that it was in a European country. However, it is suspected that VPN chaining was used, indicating that the threat emails and messages were coordinated with technical experts or the sender was technically sound,” said an official associated with the digital investigation.

Officials also said that had it been a normal VPN, Indian agencies would have traced it very easily. The official also explained that in VPN chaining, data is routed through a primary VPN server, which decrypts and re-encrypts the data before sending it to a secondary VPN server for an additional layer of encryption and decryption.

“Regarding the emails sent to schools this year, not much progress has been made as VPN companies are reluctant to share information. It appears that the same encryption method was used in these emails as well. For agencies, it is challenging to obtain the exact IP address that reveals the sender’s location,” the official stated.

As many as 25 flights of Indian airlines received bomb threats on Sunday, causing hardships to hundreds of passengers and forcing authorities to move scores of planes to isolation bays at airports concerned for detailed checks.

The developments came a day after more than 30 flights of various Indian carriers received bomb threats. This week, nearly 100 flights received threats, sending security agencies into a tizzy. The threats later turned out to be hoaxes.

Six flights each of IndiGo, Vistara, Air India and Akasa Air, and at least one flight of Air India Express received the threats on Sunday, according to sources.

Against the backdrop of bomb threats, mostly through social media, to airlines, the Bureau of Civil Aviation Security (BCAS) held a meeting with representatives of airlines on Saturday.

The civil aviation ministry plans to put in place strict norms to prevent incidents of hoax bomb threats to airlines, including placing the perpetrators on the no-fly list.

Meanwhile, in May this year, at least 100 schools in the Delhi-NCR area received bomb threats via email, though nothing objectionable was found in the end.
