return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

Commercial blindness: a "twofer" attack on the Indian state and US and European outsourcing assets


Documents seized from three members of the Lashkar-e-Toiba (LeT) terrorist group killed in an encounter with the police on Saturday revealed that they planned to carry out suicide attacks on software companies in Bangalore... "The terrorists planned to hit these companies in an effort to hinder the economic development of the country."

The LeT has a history of orchestrating attacks in India and its cadres are well networked, as well as very savvy with computers, gadgets and gizmos, making them very difficult to track. Some of its bold attacks include an attempt to storm the Indian parliament on December 13, 2001, which triggered a military standoff with Pakistan and brought the neighbors close to a fourth war; India also holds the LeT responsible for the killing of 37 and injuring more than 80 Hindu devotees assembled for prayer at the Akshardham temple in September 2002 in the state of Gujarat.

One must wonder how inattentive major US outsourcers can be, and how 'missing in action' that major consultancies such as Forrester can be, so as to not recognize the physical threat to core outsourcing facilities in India. Perhaps it is the mere continuation of the lesser lapse of failing to factor intellectual property (IP) theft risk in supposedly low cost areas. (See Intellectual property theft: the unspoken unknown of offshoring.) Even more curious is the effective absence of concern by Europeans who would normally have an attentive ear to the near and middle east. (The UK has a term EMEA for Europe, Middle East, and Africa to describe their version of the 'Near Abroad.')

The threat to IT and outsourcing assets in Bangalore and Hyderabad should be taken seriously despite the bland denials from Indian authorities who are understandably anxious to protect what amounts to the core of Indian economic revival:

India's software and services exports totalled $17.2 billion in the fiscal year to March 31 this year, up by 34.5 percent from the previous year... [Indian] exports of software and services are expected to grow by between 30 percent and 32 percent in the fiscal year to March 31, 2006. [In the year to March 2005] exports of IT software and services grew by 30.5 percent to $12 billion, while exports of business process outsourcing (BPO), call center, and related services grew by 44.5 percent to $5.2 billion. The growth in exports came despite fierce opposition last year to offshore outsourcing from politicians and workers unions in the U.S. The U.S. accounted for about 68 percent of India's outsourcing exports, with Europe accounting for another 24 percent.

Who can blame the Indians for keeping mum, but where are the US and European firms that should have a fiduciary responsibility to their stakeholders and to their clients who data and business continuity are in the possession of their Indian entities and outsourcing partners?

Bangalore has a large concentration of Indian software outsourcing companies, and a number of multinational companies have software development and chip design facilities in the city. IBM, Intel, Texas Instruments (TI), and Accenture are among those with operations in Bangalore. Two of India's largest software and IT services outsourcing companies, Wipro and Infosys Technologies, have their headquarters and large facilities in Bangalore. Bangalore also has some of India's key defense research and development organizations.

The only thing that the Indians have going for them is that the great unwashed commercial consumers in the West do not know who Lashkar-e-Toiba, Army of the Pure, really is. The South Asia Terrorism Portal overseen by a retired Indian police commander, K.P.S. Gill, is a sound source of basic information, unlike many other Indian sites which are merely anti-Pakistani or nationalistic (the South Asia Analysis Group comes to mind). SATP has much to say about Lashkar-e-Toiba here but I would net it out as follows:

LeT rose as part of the Mujahideen resistance against Soviet occupation in Afghanistan as the military wing of Markaz-ud-Dawa-wal-Irshad (MDI), an Islamic fundamentalist organization rising from Pakistan, where the US has been pressuring Musharraf to curb their activities. LeT's goals go far beyond regaining Muslim control of Jammu and Kashmir to recreating Islamic governance of India in union with other predominantly Muslim states surrounding Pakistan. LeT is now active in Jammu and Kashmir, India, Chechnya, again in Afghanistan from 2002 to date, Iraq, Bosnia and other garden spots. Think of LeT more as educated and skilled than peasants, e.g., an LeT activist, formerly an engineer with Hindustan Aeronautics Ltd (HAL) was arrested 14 May in New Delhi on a flight from Singapore:

The LeT has a history of orchestrating attacks in India and its cadres are well networked, as well as very savvy with computers, gadgets and gizmos, making them very difficult to track.

Like al-Qaeda, LeT cadres are generally not mercenaries out to make a fast buck from the cash-laden terror industry, but indoctrinated youths driven by the desire to kill in the name of a distorted jihad. The LeT derives most of its cadres from Indian Kashmir, as well as Pakistan, while mercenaries are usually renegade mujahideen from Afghanistan, with the intention of keeping the fire of terror burning in Indian-administered Jammu and Kashmir.

[The] terrorists visited Bangalore last December and surveyed the locations of many software firms. Police gathered this information from a diary seized from two captured associates of the slain terrorists. Similar evidence was gathered by the police from laptops recovered from the terrorists who attacked the Indian parliament, revealing detailed mapping of the parliament building before the attack took place. It is also worth noting that it is apparent that the LeT is trying to move beyond Delhi, the other area of its active operation apart from Kashmir, as the capital city has a very powerful intelligence network set up by government agencies to track their presence.

An LeT attack on outsourcers in India is a "twofer" in that an attack damages the Indian state and its ability for economic gain directly, and damages US and European firms indirectly -- where an attack on US soil would be prohibitive in terms of placing surveillance and strike teams on the ground:

Attacking software offices hits at one of the most international symbols of Indian success and could set off a wave of panic from potential foreign investors, as well as multinationals, that could hobble the rapid pace of India's economic progress. Such economic and cultural destabilization can only be the handiwork of international terror outfits that seek out targets that inflict maximum damage to people, as well as pass on a symbolic message.

I would support SATP's opinion that "LeT cadres [are] characterised by a level of brutality, which surpasses that of all other Pakistan-sponsored terrorist outfits active in J&K" and would rank them with the Chechens (also here) and the Algerian GIA (Groupe Islamique Armé) or Armed Islamic Group (also here).

The Jamestown Foundation, whom I respect, has this to say about the ability and likelihood of LeT to carry out attacks in India:

Notwithstanding its rhetoric and ambitions, LeT is unlikely to engage in serious terrorist operations outside the Indian subcontinent. Nevertheless, the potential for it to strike against Western targets in Pakistan and India is all too real, especially since it is under increasing pressure from all sides. Moreover the gradual improvement in India-Pakistan relations may motivate LeT to engage in spectacular operations to sabotage the tentative peace process.

FYI, the Indian home ministry has long been concerned with Muslim activities in the south Indian states of Andhra Pradesh, Karnataka, Tamil Nadu and Kerala which affects the cities of Hyderabad (India's Silicon Valley), Warangal, Nalgonda and Mahboobnagar in state of Andhra Pradesh; Bangalore and Gulbarga in the state of Karnataka; Malappuram and Palakkad in the state for Kerala; and Madras, Coimbatore and Ramanathapuram in Tamil Nadu.

Thoughtful outsourcers there should consider counterthreat and personnel security improvements in addition to IP theft mitigation.

Linkages between Jihadis of Singapore and India
A. S. Smiline Gini
Observer Research Foundation
14 June 2005

India's offshore outsourcing revenues grew 34.5 percent
U.S. accounted for about 68 percent of India's outsourcing exports
By John Ribeiro
IDG News Service
June 02, 2005

Delhi turns to the UN
By Siddharth Srivastava
Asia Times
Mar 12, 2005

The jihad lives on
By Amir Mir
Asia Times
Mar 11, 2005

Terrorists target India's outsourcing industry
Terrorist group planned to carry out suicide attacks on software companies in Bangalore
By John Ribeiro
IDG News Service
March 07, 2005

'LeT planned to target software cos in Bangalore'
Sify News
06 March , 2005

By Wilson John
Volume 3, Issue 4 (February 24, 2005)

Lashkar-e-Toiba, 'Army of the Pure'
South Asia Terrorism Portal

Gordon Housworth

Cybersecurity Public  InfoT Public  Intellectual Property Theft Public  Terrorism Public  
In order to post a message, you must be logged in
message date / author

There are no comments available.

In order to post a message, you must be logged in