Lashkar-E Taiba Attack Case Study

During November 26th-29th ten members of the Pakistani based terrorist group Lashkar-e-Taiba (LeT) came by sea from Karachi attacking numerous soft targets in Mumbai, India resulting in over 160 deaths and 300 casualties. The locations consisted of: the Taj Mahal Palace, Trident-Obetroi, Chhatrapati Shivaji Terminus (CRT), Cama hospital, Albless hospital, Nariman house business and residential complex, Cafe Lepold, and Time of India office. The attacks of numerous soft targets had a large psychological effect on the public.

The attack teams consisted of one team of four and three teams of two (10 members total) with each member carrying an AK-56 automatic assault rifle with seven magazines of ammunition (30 rounds each). This created the impression of a greater number of attackers; generating confusion amongst authorities. Additionally, they are believed to have been assisted by an unknown number of locals and remote handlers. The attack had several suspected outcomes: To increase tensions between India and Pakistan, to break up Indian and Muslim communities, to cause fear and alarm, attract Islamist extremist recruits and damage to India’s economy.

By adapting a modular and flexible force, reducing bureaucratic red tape, investing in active shooter training with local police forces and avoiding breaches of basic information security protocols Indian officials can effectively mitigate future risks. Pre-attack Analysis Indian intelligence officials received prior warnings both from their own sources and from the United States that a major attack was probable, but lack of relevance and ambiguity about the threat seemed to have prevented responses.

Due to poor relations between Pakistan and India there had been less than sufficient communication between the two intelligence agencies disseminating covert intelligence for actionable purposes. Indian authorities indicated that in February 2008, a suspected terrorist, arrested in northern India, was found to possess drawings of various sites in Mumbai, some of which were targets in the November 2008 attack. The concept of Value at risk addresses this scenario well. There were already warnings of a major attack; indicating a high impact.

Given the prior indicators and warnings there appeared to be a high probability. This is not including the high psychological impact that resulted from the chaos that ensued. The adversaries were able to ensure surprise by pursuing a channel that had little to none early warning system. As a result, “the environmental threat was not identified correctly; becoming an operational risk. ” (Bracken, 2008) The tactics employed in the Mumbai attack were not new or remarkable; however, the attackers did incorporate some tactical innovations due to their use of modern technology.

They were able to use technology to assist them with planning the attack and with their command, control and communications during the execution of their operation. Environmental Risks LeT demonstrated how an organization can circumvent control measures by focusing on an alternative environment. The attackers used maritime environment to their advantage. The expansive region makes it a porous environment where minimal government presence existed. Coming by sea allowed the terrorists to avoid many Indian security checkpoints.

Such an environment offers innumerable advantages compared to land routes where government checkpoints and patrols are far more rigorous. Sailing on an Indian vessel enabled them to avoid arousing the suspicion of the Indian coast guard. The environment highlights India’s inability to effectively monitor its coastline. Command, control, intelligence, surveillance, and reconnaissance were not integrated and provided in real time. Breaches of basic information security protocols provided the terrorists with vital operational intelligence.

There was no plan for dealing with the media, whose 24-hour coverage increased the chaos and allowed the attackers’ handlers to give them real-time tactical intelligence and advice. ” (Elkus, 2009) “Major criticism was directed at a cabinet minister on the first day of the crisis, after he announced that 200 NSG commandos were to be deployed in the area in two hours. ” (Rabasa, 2009) Not only did this alert the terrorists as to when a hostage rescue mission might occur, it also effectively confirmed that no forward operating units had yet been mobilized.

At one point, remote handlers picked up on a Twitter image that was broadcast by the BBC and relayed it directly to the attackers. The “Tweet pic” actually gave away the location of the Indian counterterrorism forces storming the Nariman House during the waning moments of the event, and resulted in the terrorists counter-attacking the assault forces storming the building from the roof. Operational Risks Unfortunately, Indian security and counterterrorism assets are too poorly funded and organized to comprehensively address the militant threats the country faces.

The police’s command and control failures, slowness and disorganization of tactical response, and inability to prevent the terrorists from entrenching are of paramount importance. Indian police were outgunned and unprepared to deal with the well-armed adversaries. Hostage rescue response and tactical planning were not up to the task of fighting through the entrenchments terrorists created. During the attack, the attack teams repeatedly switched the point of engagement, further confusing police response.

Police response was compromised by its inability to rapidly adapt to the swarm and follow-on pulses and sieges. Additionally, Indian authorities failed to cordon off the attack sites along a wide perimeter to contain the terrorists. Mumbai front line responders had no active shooting training, and the city of Mumbai had no rapid response force or SWAT team unit to speak of. Waiting for a response team to come in and engage the attackers was not effective when the attackers were actively shooting others. This is significant because street cops are a critical line of defense against terrorists.

The importance of street cops pertains not only to preventing attacks but by collecting critical intelligence, noticing surveillance or other preoperational planning activity and questioning suspicious individuals. In the past, when a facility was seized, police tactics often called for the power and phone lines to be cut off to limit attackers’ ability to communicate with the outside world. Such measures have proven ineffective in the era of cell phones and portable satellite communications. Technology assisted the Mumbai attackers in conducting their preoperational surveillance.

It also enabled them to use satellite imagery of Mumbai and GPS receivers to reach their assigned landing spots by water and move to their assigned attack sites. Tactical commanders and individual team members were able to use satellite and cell phones to place calls to their strategic commanders in Pakistan. Mitigation Plan The Mumbai attacks exposed the omnipresent vulnerabilities of the Indian system. The necessary defenses were not in place to quickly contain the impact. Police were under-equipped and under-resourced across the board.

Armed assault is an important category of threat. The Mumbai attacks exposed vulnerabilities in hotel security. Soft targets will continue to be vulnerable to attackers. Armed assaults conducted by terrorists pose a significant threat to Mumbai’s security, communication and responses. Militants will continue to cross from Pakistan. Group attacks represent an escalation of scale that creates definitive problems to security responses. Isolating critical assets from uncertainty involves hardening or protecting key assets.

Many of the targets in the Mumbai attack were considered soft targets. Many areas were open public areas. “Isolating critical resources from uncertainty is usually quite expensive. “(Bracken, 2008) It is impossible to protect everything; moreover, conducting attacks against soft targets such as hotels or malls can be done with ease, and can prove quite effective at creating carnage. ” Smoothing is important because many intelligence sensors and collection systems are limited in their processing capacity” (Bracken, 2008).

Real-time intelligence support in the operational space, especially in the midst of a chaotic battle such as the Mumbai incident, is needed to coordinate police response. This can be accomplished through the use of command and control visualization technologies and a competent command staff monitoring the engagement. To further increase situational awareness during fluid events, emergency responders must now expand their sources of information to include social media and other developing networks.

Indian authorities must continue to monitor their environment for changes that affect the nature or impact of the risk. Local maritime communities must be engaged. They may be the best asset for monitoring the specific environment. Maybe if they are partnered with or sourced by human intelligence professionals reprehensible activities will be revealed. Additionally, reliable engagement builds trust, which in turn builds security by aligning the interests of local communities and lawful government for mutual benefit.

Risk may change so that the current mitigation is ineffective and needs to be scrapped in favor of a different one. On the other hand, the risk may have diminished in a way that allows resources devoted to it to be redirected. The Mumbai attack is an example of the speed at which terrorists can operate and a reminder that the current counterterrorism measures designed to flag suspicious behavior may be inadequate to uncover and disrupt operations by agile terror networks of this sort.

Indian emergency managers had planned for attacks, but they lacked a modular and flexible structure when it came to communicating and responding in a non-routine fashion. By investing in an agile system rather than new warning systems, Indian authorities could quickly switch forces to meet unforeseen threats and attacks. Without a sufficient agile system, Indian authorities may be locked into less desired approaches, such as warning, or costly hardening of assets.