Bomb threat mails targeting Delhi schools: The rise of cyber terrorism. We must fight back!
When you think of a school, what comes to mind? A place where children are being nurtured, where laughter fills the halls, and young minds are being shaped for the future, a place they consider a second home. But now, it is grappling with a chilling wave of bomb threats, turning these spaces of learning into battlegrounds of uncertainty.
In today’s digital age, a plethora of cybercrime has taken over, spreading fear across the globe, including the Indian national capital.
Since early 2024, more than 40 schools across Delhi have received bomb threat emails, causing panic among students, parents, and staff, serving as a clear warning sign of cyber terrorism.
These threats have triggered and caused mass evacuations and emergency responses across schools. While no explosives have been found, these incidents show a chilling truth: cyberterrorism is no longer a distant threat but an escalating reality we can no longer ignore.
Hoaxes or a coordinated campaign?
The growing cyber threats have been like a wildfire waiting to be ignited, with consequences we are not yet prepared for. Some experts warn about a coordinated campaign to spread fear.
> Around 30 private schools across New Delhi received bomb threat emails on Friday (Dec 13), following a similar incident on December 9 when 44 schools were targeted. The emails warned of potential explosions on December 13 and 14, claiming explosives on school premises powerful enough to “destroy buildings and harm people”.
> In November, a private school in Rohini received a bomb threat via email, which was later declared a hoax. A Delhi fire services team, along with police, bomb disposal, and dog squads, quickly arrived and searched the entire school.
> In October, several schools run by the Central Reserve Police Force (CRPF) across India received hoax bomb threats, sparking panic. Among the targeted institutions, two schools were located in the national capital, while one was in Hyderabad. The threats were communicated via email at night, as reported by ANI.
> In May, over 60 schools in Delhi-NCR were evacuated after receiving bomb threats, triggering widespread concern.
Authorities, including the Delhi Police and cybercrime units, have launched investigations, yet the perpetrators remain untraceable. Some experts believe the threats could be coming from local pranksters or international hackers using advanced methods to hide their identities online.
Need for a proactive response
It is crucial to implement strong cybersecurity measures and create a proactive governance framework. Below are steps that can help mitigate risks and prepare for defences for what lies ahead:
1. Strengthening cybersecurity measures
> Email filtering systems: Schools should deploy advanced email filtering systems to identify and block suspicious messages before they reach inboxes.
> Continuous monitoring: IT personnel should monitor school email accounts in real-time to flag anomalies and ensure a swift response. An incident response plan should also be in place to handle threats without causing panic.
> Encryption and audits: End-to-end encryption for email communications should be implemented, alongside regular cybersecurity audits to identify vulnerabilities.
2. Emergency preparedness in schools
Preparedness is critical to ensure student safety during such emergencies:
> Regular drills: Conduct evacuation and lockdown drills in coordination with local police to prepare students and staff for emergencies.
> Communication channels: Establish clear communication channels to keep parents informed during crises and reduce panic.
> Crisis response teams: Schools should create dedicated teams trained to handle emergencies and liaise with law enforcement effectively.
> Training Staff: Regular training for school staff on recognising and reporting potential phishing or threatening emails can improve response times.
3. Strong legal frameworks
> Tougher cyber laws: Legislators must introduce stricter penalties for issuing hoax threats to act as a deterrent.
> Improved digital surveillance: Enhance the capabilities of India’s cyber cells to track down anonymised threat actors using technologies like VPNs and TOR networks.
4. Swift action from government needed
The Delhi High Court has instructed the government to finalise Standard Operating Procedures (SOPs) for managing emergencies, outlining clear roles for all parties involved. Schools are advised to monitor emails carefully and report any suspicious messages to authorities immediately. The court has also directed that drills should be held to educate staff, students, and parents on emergency procedures. A centralised platform should be set up to help law enforcement respond more quickly, said the Delhi HC.
5. Insights from an expert in cybersecurity
In a discussion with Kabeer Rai Chabra, an M.Sc. cybersecurity graduate from the University of Birmingham and GPCSSI 2024 Intern with Gurugram Police, he highlighted the key role of ISPs (Internet service providers) in tracking individuals behind bomb threats to schools.
How ISPs can detect malicious content:
> ISP Role: ISPs should focus on spotting suspicious traffic and work with law enforcement by sharing information about threats, like identifying harmful IP addresses and websites.
> Deep Packet Investigation (DPI): It helps analyse metadata and unencrypted data to find harmful patterns, but it can be resource-heavy and may raise privacy issues.
> Alternative tools: Social media platforms and communication tools are better suited for monitoring targeted keywords rather than relying solely on ISPs.
> CERT’s role: A combined approach of metadata analysis and DPI, in collaboration with organisations like (India’s Computer Emergency Response Team) CERTs, can improve threat detection while maintaining privacy.
> Onion routing monitoring: Monitoring entry and exit nodes for timing and size of traffic can help identify the source, but it requires significant resources and is not foolproof.
Looking ahead
This is a wake-up call that demands immediate action from the Indian government and concerned authorities, as well as the cyber cell and special cell units, to ensure that the perpetrators do not succeed in causing panic across schools. While these threats have, so far, proven to be hoaxes, the psychological toll on children and their families is undeniable.
Now is the time to combat blackmail threats by strengthening cybersecurity and staying vigilant. By enhancing preparedness and encouraging cooperation between schools, law enforcement, and the government, Delhi can lead the way in effectively tackling these threats.
For obvious reasons, Delhi’s got nerves of steel.
Responses