Manas Dasgupta
NEW DELHI, Oct 21: Even as the union government promised to take legislative actions to punish the perpetrators issuing hoax bomb threats to flights harassing the passengers and airlines operators, official sources on Monday admitted that the cyber security agencies were facing a stiff challenge to trace the real culprits behind the move.
Some top-level officials said the cyber agencies have not been able to trace the actual Internet Protocol (IP) address from which the threats were issued. Additionally, officials involved in the digital investigation have stated that the accused were may not be the same in all cases. In one instance, a note was found on an Udaipur-Mumbai flight written on a tissue paper. In other cases, threats were generated digitally. In some instances, threats were made through social media, while in others, emails were sent.
In the wake over 100 bomb threats received by both the domestic and international flights being operated by the Indian airlines operators in the last six days, the Civil Aviation Minister K Rammohan Naidu on Monday said the government was planning to take legislative actions to deal with the instances of bomb threats including placing perpetrators of such threats in the no-fly list. Making such threats will also be made a cognisable offence, with provisions for punishment and fines.
Addressing a press conference on Monday, Mr Naidu said even though the threats have turned out to be hoaxes, there was a strict protocol that was followed by his department and airlines. “It is a very sensitive situation when it comes to such threats, there is an international procedure that we have to follow,” he said.
The minister said multiple meetings have been held with stakeholders since the spate of calls began on October 14 and amendments were being considered in the Aircraft (Security) Rules so that the people making such threats can be put on the no-fly list after they are identified.
The Bureau of Civil Aviation Security (BCAS) was continuously in touch with the Ministry of Home Affairs on the situation of bomb threats to flights, he said. To a query on whether there was a conspiracy behind the threats, Mr Naidu said investigations were on and did not offer any specific comments. “Safety and security of passengers are of utmost priority,” he said.
The hoax bomb calls having adversely affected over 100 flights, cyber security has taken up the challenge on war-footing to detect the culprits behind the move but are faced with tough challenges. According to the initial investigation, the IP addresses were initially traced to European countries, but VPN chaining was suspected to have been used, making further tracing nearly impossible. Indian agencies are attempting to obtain details from VPN companies and their response is awaited.
“Previously, VPNs were used by miscreants to send threat emails and messages. When we traced the IP address, we found that it was in a European country. However, it is suspected that VPN chaining was used, indicating that the threat emails and messages were coordinated with technical experts or the sender was technically sound,” said an official associated with the digital investigation.
Officials also said had it been a normal VPN, Indian agencies would have traced it very easily. The official also explained that in VPN chaining, data is routed through a primary VPN server, which decrypts and re-encrypts the data before sending it to a secondary VPN server for an additional layer of encryption and decryption.
“Regarding the emails sent to schools this year, not much progress has been made as VPN companies are reluctant to share information. It appears that the same encryption method was used in these emails as well. For agencies, it is challenging to obtain the exact IP address that reveals the sender’s location,” the official stated.
As many as 25 flights of Indian airlines received bomb threats on Sunday, causing hardships to hundreds of passengers and forcing authorities to move scores of planes to isolation bays at airports concerned for detailed checks. The developments came a day after more than 30 flights of various Indian carriers received bomb threats. This week, nearly 100 flights received threats sending security agencies into a tizzy. The threats later turned out to be hoaxes.
Six flights each of IndiGo, Vistara, Air India and Akasa Air, and at least one flight of Air India Express received the threats on Sunday, according to sources.
Against the backdrop of bomb threats, mostly through social media, to airlines, the Bureau of Civil Aviation Security (BCAS) held a meeting with representatives of airlines on Saturday.
In May this year, at least 100 schools in the Delhi-NCR area received bomb threats via emails though nothing objectionable was found in the end and investigation has also not been able to detect the faces behind such hoax mails so far.
Pointing out that the authorities were strictly following the security protocols in the face of the hoax threat calls, Mr Naidu said the government was contemplating to amend the Suppression of Unlawful Acts against the Safety of Civil Aviation (SUASCA) Act, 1982, and consultations for this are being held with other ministries.
“If you look at the last week, eight flights have been diverted. Each threat is assessed individually and our response has been efficient and dynamic. We are also not compromising on safety and security. Even though most of them are hoax threats, we cannot take them lightly. The lives of passengers are important, the security situation is important and protocol is important. We have enhanced security at airports,” the minister said.
Emphasising that the protocol was very rigid and strict procedures have to be followed, Mr Naidu said several meetings have been held with airlines and their opinion has been sought to minimise inconvenience to them as well as passengers.
“We are all working towards a common goal. Even one plane getting diverted or delayed is not what we want… There has to be some kind of deterrent and that is what we are doing with our planned amendments to the rules and the Act. We are working with the Ministry of Home Affairs and state law enforcement agencies to speed up the investigations into the threats. The safety and security of passengers and their convenient travel is our utmost priority,” he said.
“With the collective efforts of everyone, we are going to see a much better picture in the coming days,” the minister added. A key high-level meeting was also held in the Ministry of Home Affairs on Monday in which updates were taken from aviation security body Bureau of Civil Aviation Security (BCAS) and the Central Industrial Security Force, which is responsible for security at airports.
The Mumbai Police had earlier taken a 17-year-old boy into custody for issuing threats to four flights, including three on international routes. Police officials had said the teenager wanted to frame one of his friends, with whom he had a dispute over money. Over a dozen first information reports (FIRs) have been registered by the Mumbai Police and the Delhi Police in connection with the threats.
The bomb threats to flights has forced the authorities to activate the security protocols. Bomb threats can be reported through various channels – call centres, airports or even social media. Regardless of the medium, all threats are taken seriously and handled as per established protocols. Airline staff, trained to manage such situations, immediately relay the information to security agencies. Committees, consisting of representatives from airlines, airports and government bodies, are then formed to handle the threat and ensure that passengers are updated in real time.
Bomb threats on flights, even when they turn out to be hoax, trigger serious and immediate security protocols. Safety is a top priority in aviation, so all threats require thorough action. Each airport has its own Bomb Threat Assessment Committee (BTAC), which includes officials from CISF, BCAS, the airline and the airport operator.
The BTAC evaluates each threat’s credibility based on factors like specificity, timing and source. If the BTAC deems a threat credible, the Air Traffic Control (ATC) informs the flight crew, often leading to flight diversion or landing at the nearest airport. If the threat is non-specific, the flight may continue as planned, but precautions are still in place.
The security procedures followed upon landing the flights included moving of the planes to isolated bays for passenger de-boarding, baggage, cargo and catering materials are thoroughly inspected using sniffer dogs and screening equipment and If nothing suspicious is found, the flight is cleared to resume operations.