Are we going to see more Mumbai/Paris style of terror attacks?

The terrorist attack in Paris last week was a rude reminder of the Mumbai attacks in November 2008, where at least 164 people were killed over three days. This style of terrorist attack, wherein multiple gunmen enter a city, disperse to several different locations and indiscriminately shoot locals, will be seen far more often in the future. The viability of such an attack was first put to test in Mumbai, when ten armed men entered the city from the sea and targeted crowded spaces. It succeeded nightmarishly. Several terrorist organisations, including ISIS, have since hailed the 2008 Mumbai attacks and have warned of replicating it to target cities in the West. Is Paris the first of many such attacks?

Maximum damage

Over the years, national and international surveillance and intelligence agencies have become more sophisticated as sharing has increased. This has made it harder for terrorist organisations to procure materials and assemble high-intensity bombs. Therefore, more terrorist organisations are now considering fidayeen style attacks to cause maximum damage and increase panic across the city.

This technique has two key facets - multiple targets and hostage situations.

Multiple targets

Multiple gunmen in different locations makes it easy to spread panic. The gun attacks at the restaurants and explosions outside the Stade de France helped created panic among people and confused security forces. Similarly, initial reports during the Mumbai attacks led the security forces to believe that a gang war was on. And the simultaneous gun attacks at CST railway station and Leopold's led to hysteria, chaos and panic, playing into the terrorists' strategy.

In both cases, the gunmen chose multiple targets, with the criteria of maximum damage and maximum news coverage. Radio transmissions picked up by Indian intelligence after the Mumbai attacks revealed that the attackers specifically attacked the Jewish locality for maximum impact.

Similarly, targets like the Taj Mahal Hotel and the Trident were selected to target expats, foreigners and high net-worth individuals.

After the attacks on Paris, ISIS justified its attacks on the football match and rock concert by calling them perverse and added that the two places were chosen after much deliberation. Choosing these mass gatherings ensured maximum damage.

The attackers chose a range of targets of what they perceive as symbolic of the enemy. This method of diversifying targets creates confusion amongst security personnel as they are unsure of what may occur. This also reduces their effectiveness as they are required to split. Moreover, strong counter-terrorism measures have increased the dependency of terrorists groups on diversifying targets. It also acts as psychological warfare on the state as security mechanisms are left clutching at straws.

Taking hostages

Targeting mass gatherings also allows terrorists to take hostages and hold the city to ransom. In Mumbai, the gunmen held hostages at the Chabad house, the Jewish centre in Colaba; and the Taj and Trident Hotels. Taking hostages allows for long attritional battles, reducing the effectiveness of the security forces. At the Bataclan Concert Hall, gunmen took over a hundred hostages before firing indiscriminately into the crowd. At least 87 people were reported killed at the venue.

Taking hostages gives terrorists groups an added advantage of negotiations, delays police intervention to ensure the protection of the hostages and gives the groups importance.

Why does this approach succeed?

This style of attack - spreading panic across the city and using holding patterns to prolong the siege - leaves intelligence and security agencies with a security nightmare as the city is forced to shut down. The panic caused threatens the very liberties and freedoms the country prides itself on and disrupts daily life.

Furthermore, it allows for further radicalisation to take place. As political parties step up their anti-Islam rhetoric in a bid to "protect their values", the disenfranchised individual starts finding support in extremist ideologies and is more easily radicalised.

Moreover, as security is stepped up immediately after an attack, terrorist organisations are usually seen issuing fresh warnings or sending out hoax messages of more planned attacks across the city. As in the case of the Paris attacks, terrorists took to Twitter and issued threats to blow up an Air France flight scheduled to take off from Schipol Airport on Saturday. The flight was grounded for three hours leading to successive delays in scheduled flights and economic losses.

Reliance on technology

Both attacks - Mumbai and Paris - were well planned and executed. In Mumbai, while there was intelligence of a possible attack in the city from the sea, the alerts were ignored. However, in the case of the Paris attacks, the French intelligence were in the dark and had no prior knowledge of a possible attack. It goes to show that the members of the terrorist group have managed to launch a sophisticated attack without coming under the scanner of local or international intelligence agencies.

ISIS has, in the past, recruited and trained skilled IT professionals to create secure communication apps that can bypass surveillance. Berlin-headquartered secure messaging app Telegram has also become a popular choice - in the last few months, a number of terrorist groups have announced their presence on it. The app also allows users to broadcast messages to subscribed users more easily. Both the ISIS and the Al Qaeda (responsible for the Charlie Hebdo shootings) have created multiple channels on the app and share content with thousands of users across the globe. The terrorist groups have been using this service for propaganda, recruitment, training and communication purposes.

Similarly, these groups have increased their presence on the Dark Web and have relied heavily on its use to buy explosives, ammunitions and blueprints of secured and restricted constructions. The Dark Web allows the groups to operate forums and webpages securely, safe from monitoring agencies, and allows them to distribute content across subscribers anonymously. The Dark Web keeps the identities of both the sender and the receiver hidden.

Thus, channels on clandestine messaging apps like Telegram cannot be monitored, and channels on the Dark Web cannot be blocked easily. These pose a huge challenge to security and intelligence agencies across the globe. The number of terrorist-related channels on both online communities has increased at an alarming rate in the last one year. While a crackdown on these two channels as a whole may be possible (and indeed, governments have blocked untrustworthy services/IPs before), it's not easy - even regular civilians are using these channels in greater numbers for privacy purposes. Therefore, it's much harder for intelligence agencies to keep a tab on them.

These channels are also becoming a fertile recruitment and training ground for terrorist groups. Most content shared by terrorist organisations on both the communities include tutorials on conducting attacks, launching cyber warfare, calls for lone-wolf attacks and fundraising.

Harder to detect

The Paris attack could very well have been masterminded on either of these online communities. The Dark Web and clandestine messaging technology ensure that terrorists can plan attacks in secret, without fear of snooping by intelligence agencies.

These communities also make it easier for lone wolves to come together and launch an attack, despite never having met once. They enable terrorists to launch successful coordinated attacks across multiple locations, leaving the target country in complete chaos and panic.

Thus, the use of technology has made it easier for terrorist groups to launch fidayeen-style attacks. The unfortunately successful attack in Paris will only encourage terrorist organisations to rely even more on technology and conduct more such attacks. Intelligence and security agencies are going to face tougher challenges in the times to come. They will have to adapt quickly and identify ways to monitor the Dark Web, to avoid groping in the dark.

At a physical security level, developing the capabilities to prevent such an attack in a European city will take time. The fact that terrorists were able to launch an attack outside a football stadium where the president of France was present is itself telling of the difficulty in securing such venues. In keeping with freedoms and liberties that their countries have to offer, it makes European cities an unfortunate, yet easy target. However, such ghastly terrorist attacks may force governments to issue stringent measures that allow for security personnel to be stationed at public spaces, set up metal detectors at entrances and subject audiences to pat-downs at theatres, cinema halls and other gatherings. This is a double-edged sword - the very thought of enforcing stricter security measures feeds into the hands of terrorists, while not doing so would allow for more such attacks to take place across European cities making them vulnerable.