wordpress blog stats
Connect with us

Hi, what are you looking for?

How VoIP Was Used For The Mumbai Terrorist Attacks: Aditya Mishra, IPS

IPS officer Aditya Mishra, speaking at the International Conference on Mobile Law in Delhi, explained how Internet Telephony is a cause for concern for security agencies, given that it is extremely difficult to trace the source of the calls, even though IP allows for recovery of all call related information, including call recordings.

During his talk at the conference, Mishra said that the terrorists involved in the attacks used a VoIP based service called Callphonex, based out of New Jersey, USA. Callphonex got an email from a mail id, kharak_telco@yahoo.com on 21st October 2008, from Kharak Singh from India, for starting a VoIP account. “To activate this Callphonex VoIP account, an initial payment of $250 was made by a Mohammaed Isfaq through a Lahore based agent, through MoneyGram. A Virtual number 0012012531824 was allotted by Callphonex, and it is the property of a Voxbone, a Belgian company, and was leased out to Callphonex, and a request was changed for allottment for 5 DID numbers (Direct Inward Dialers).” The calls are supposed to be coming for the virual US number, but they go to the five Austrian DID numbers, which are all virtual numbers, albeit mobile numbers.

“Many of the calls being monitored going in and out of the Taj Mahal Hotel were from this virtual number, by the Pakistani handlers to give an impression that calls were being made from the US, and not Pakistan. During the 58 hour siege of Mumbai, which led to over 180 people being killed, a total of 284 calls, running into 995 minutes were made by terrortsis using mobile phones from Taj Mahal Hotel, Oberoi, Trident and Nariman House to their handlers in Pakistan on this virtual number. During the attack, they were using Indian cell phone numbers that they had managed to get beforehand. These numbers received calls from the virtual number, and they made calls to the Austrian numbers. Later investigation revealed that over 150 test calls had already been made between November 24th and 26th, before the attack, and they had already practiced this. But they realized they (the account) was running out of money, so on November 25th, a second payment of 229 Euros was sent to Callphonex, from Western Union Money Transfer location called Madina Trading in Italy. The money senders name was Javed Iqbal, holding a Pakistani passport. This payment was communicated to Callphonex was communicated by Kharak Singh via his email address. On November 25th, two employees of Madina Trading company in the Northern Italian town of Gracia, 60 year old Mohammed Yakub and his son were managing the company, sent the money Callphonex using a stolen identity. The funds were transferred under the identity of another Pakistani who had never been to Italy, and was not involved with the attacks.”

Security Challenges

In case of an IP Network, Mishra explained, the IP Routing Logic is still managed by a service provider. Calls form the computer and the mobile phones are routed through the IP Network, and then from some server, somewhere in the world, it gets pushed to the ISD network.

“The interface could be anywhere in the world. The Belgian company could find a Brazillian server very cheap, or some African country where the ISD rates are very cheap. The laws across all these countries are very different. The thing that is worrying all of us is that while in GSM you have a standard protocol, behind that you have at least 20 fields of information that are carried with the call, in internet telephony, there is no standard protocol because its developed on the Internet, and the Internet doesn’t want any control. How and where the Internet call is pushed to the cellphone network, is not known. What happens is that there is just no legal framework, and what number would come here is not unknown to you.”

Advertisement. Scroll to continue reading.

Mishra offered to demonstrate this by morphing a call, to showcase how using the Internet, a person in any corner of the world, can manipulate your numbers and calls. He called for a balance between security and simplicity, saying that the idea is not to make the process burdensome.

However, Internet Telephony has its advantages too: “If the same thing had happened over the GSM network, we may not have been able to get all the data, but and thanks to the so called co-operation we had, and the Internet telephony, all the data and the conversations were completely recovered, which may not have been possible with a GSM network. Every bit of conversation – how the handlers were also watching TV, telling the terrorists where to go, with a running commentary. The Internet gives the agency more access to data, and maneuverability, which obviously should be accessed in a discreet manner. But, my appeal is that if you make the process simple for the consumer, it will go through. But you need a strong protocol of technology, so when we do want to access that, it is easy for the agencies.”

Also read:
Do You Need Permission For A Skype Call To India?
The Internet Telephony Policy Applicable In India – (via RTI)

Written By

Founder @ MediaNama. TED Fellow. Asia21 Fellow @ Asia Society. Co-founder SaveTheInternet.in and Internet Freedom Foundation. Advisory board @ CyberBRICS

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.


In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...


By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...


By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...


By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....

You May Also Like


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ