New Delhi: Members of the “White Collar” terror module involved in the Delhi car blast used a sophisticated web of ‘ghost’ SIM cards and encrypted apps to coordinate with Pakistani handlers, officials investigating the case said on Sunday.
The arrested doctors, including Muzammil Ganaie, Adeel Rather and others, used a ‘dual-phone’ protocol to evade security agencies.
These findings led the Department of Telecommunications (DoT) to issue a sweeping directive, mandating that app-based communication services like WhatsApp, Telegram and Signal must be continuously linked to an active, physical SIM card within the device, as reported by PTI.
Every accused, including Dr Umar-un-Nabi, who was killed while driving the explosives-laden vehicle near the Red Fort, carried 2-3 mobile handsets, investigators have said.
One of these was registered in their own names for routine personal and professional use to avoid suspicion and one was used exclusively for WhatsApp and Telegram communication with their handlers in Pakistan (identified by codenames Ukasa, Faizan and Hashmi).
The SIM cards for these secondary devices were issued in the names of unsuspecting civilians whose Aadhaar details were misused, the officials said. The Jammu and Kashmir Police also unearthed a separate racket where SIMs were issued using fake Aadhaar cards, they added.
According to officials, the security agencies noted a disturbing trend where these compromised SIMs remained active on messaging platforms across the border in Pakistan-occupied Jammu and Kashmir (PoJK) or Pakistan.
By exploiting features that allow messaging apps to run without a physical SIM in the device, the handlers were able to direct the module to learn IED assembly via YouTube and plot hinterland attacks, despite the recruits initially wanting to join conflict zones in Syria or Afghanistan.
To plug these security gaps, the Centre has invoked the Telecommunications Act, 2023, and Telecom Cyber Security Rules to safeguard the integrity of the telecom ecosystem, which includes a rule that within 90 days, all Telecommunication Identifier User Entities (TIUEs) must ensure their apps function only if an active SIM is installed in the device, as reported by the news agency.
The order further directs the telecom operators to automatically log out users from apps like WhatsApp, Telegram and Signal in case of the absence of an active SIM, the officials said, adding that all service providers, including Snapchat, Sharechat and Jiochat, must submit compliance reports to the DoT.
This feature of using apps without a SIM is posing a challenge to telecom cyber security as it is being misused from outside the country to commit cyber frauds and terror activities, the DoT statement had said while explaining the reasoning behind the move.
The directive is being fast-tracked in the Jammu and Kashmir telecom circle. While officials admit it will take time to deactivate all expired or fraudulent SIMs, the move is seen as a critical blow to the digital infrastructure used by terror networks to radicalise and manage and quot;white-collar and quot; operatives.
Failure to comply with these norms will attract stringent action under the Telecom Cyber Security Rules and other applicable laws, the officials said.
