Mumbai Attack Was Tip of the Iceberg

The latest open source intelligence reveals that the late November attack in Mumbai was designed to replace another plot that Indian government counter-terrorism forces successfully disrupted earlier this year. Examining the evolutionary track of these attacks provides insight as to how the threat is evolving and hints at what is coming in the uncertain future.

It seems the first group of attackers conducted preliminary reconnaissance of the same locations that were targeted by their successors. The potential attackers were also equipped with the same package of heavy assault rifles, pistols, explosives and grenades that were utilized to great effect during the attack, particularly at the Oberoi and Taj Palace hotels. The group, comprised of both nationals from Pakistan and, notably, India itself, was detained in February of this year.  They divulged that they had been trained in Pakistan to conduct the raid and not return alive.

The attack was aborted when police took apart the network due to quality intelligence work. As a result, the terrorist network had to reboot the raid with new operatives, equipment, and a support network within India's borders. At first glance, it seems the second attempt is an exact replica of the first, with different actors but the same tactics. However, there are some fundamental differences that reveal the true nature of the attack.

Local human intelligence networks provide insider information that is essential when planning to overrun a city. The most efficient road transit routes, where people cluster at night, how long police forces take to respond, and identifying prominent city dwellers are just a few areas where localized knowledge can prove invaluable. However, this intelligence does not come without risks.