The brutal attack on Paris last Friday by the Islamic State of Iraq and Levant, or ISIS, which killed 127 people and injured over 300 more, was highly coordinated. Several spots in the French capital were targeted, including the stadium where a football match between France and Germany was underway, and French President Francois Hollande was in attendance.

The terrorists had to be well-coordinated to pull off an attack like this, not only during the planning and plotting stage but also at the execution stage. Recently, there have been several reports speculating that the terror group members may have used Sony’s Playstation 4 (a gaming console) to communicate with each other before the attacks instead of using encrypted mobile devices, like iPhone or Android devices.

It later turned out, though, that the reports were not accurate and there is no proof to establish with certainty that gaming consoles were used in the execution of the Paris attacks.

However, gaming consoles have the potential to be misused and ISIS is known to have used them in the past to communicate and store information.

Hard to monitor

According to a report in the International Business Times, communication inside console games is near impossible to monitor. Primarily, because of the large number of games available and the huge number of players involved in multiplayer games at any given time. Even Sony has admitted that PS4 has potential to be abused.

“Devices like PS4 use peer-to-peer communication, which makes it virtually impossible for cyber security forces to monitor. Communicating through mobile phones, emails or chat, and even WhatsApp is relatively easier to monitor since they use a client-to-server model,” Balwinder Singh, former Special Director at the Central Bureau of Investigations (CBI) said at a cyber crime conference held yesterday in Delhi.

In fact, according to a report in Gawker, in June this year, a 14-year-old Australian boy used a PS4 to reach out to the ISIS and downloaded blueprint of a bomb. He was later apprehended and sentenced to a two-year jail term.

It is astounding how easily a 14-year-old could communicate with the most-wanted terrorist group of the world despite the fact that multiple international security agencies are monitoring its movements.

How PS4 communication works

“The Playstation Network (PSN) allows video game players worldwide to meet and chat virtually. They can text one another and also make calls, through servers that cannot be monitored,” Dan Shefet, a French cyber crime attorney said at the conference.

As of early 2015, PSN has close to 110 million users – 65 million of them active – making it very difficult to monitor it constantly. Users, when they are online – often a large number of them are online at the same time – can communicate using text messages, visual messages and even voice chats during game play.

Meanwhile, in order for security agencies to monitor this form of communication, it would have to tap console activity by embedding themselves into the game during game play. In fact, Edward Snowden, the US whistleblower who leaked classified information of the NSA in 2013, had revealed that both the NSA and the CIA had infiltrated certain video games, such as World of Warcraft to track virtual terrorist meet-ups.

“The problems with infiltrating the video games, other than it being a peer-to-peer model, are many. First, it is an infringement of privacy which directly violates the First Amendment Act of the American Constitution; second, there are millions of such games that the terrorist can chose to communicate through, and security agencies don’t have the manpower or the technology yet to monitor them all,” David Aylor, a US-based cyber crime attorney revealed at the conference.

According to Aylor, other than using in-game modes of communication, attackers can also manipulate in-game elements. For instance: writing messages to each other by spraying bullets on a wall in first person shooter games like Call of Duty.

Terrorist invasion of the online medium 

Video games aren’t the only medium that terrorist may be exploiting. Crowdfunding websites are being set up by terror groups like Islamic State to fund their attacks. According to a report in ABC, about 190 people in Australia were supporting terrorism in the Middle East through financing and recruitment.

“The terror groups, time and again, have changed their methods. But the more appalling fact is that it is working for them and in the open. It doesn’t get more open than crowdfunding campaigns on social media websites,” Shefet said.

Online currency, such as Bitcoin, pre-paid cards loaded with fixed amount of electronic currency and even online payments are certain modes of payment in these crowdfunding campaigns set up by terrorist groups, according to Aylor. “These pose new kind of threats of terror financing, the kind the world security agencies weren’t prepared for,” he said.

And it is not just crowdfunding campaigns, terror groups have also taken to social media websites, like Twitter and Diaspora, to glorify their achievements, putting up pictures of their attacks and war ruins.

Modus operandi – Online terror financing

According to a recent report by Financial Action Task Force (FATF), an inter-governmental body developing and promoting policies to combat money laundering and terrorism financing, there are several examples of Facebook groups being made and tweets sent out seeking funding for a fake cause.

For instance, in 2013, a post was put up on a Facebook group for recipes in Germany. The post appealed for financial aid for Syrian fighters, who urgently required equipment, food and medicines and even provided bank account details. This was later tracked to be a terror-funding initiative, according to the report.

In another case, several suspected Canadian terror recruits were apprehended, who were using crowdfunding websites to raise money before they left Canada to join terror organisations. Similarly, there was another group apprehended in Russia for raising money using crowdfunding websites for Syrian refugees. 

Rise of online vigilantes and threat of cyber war

Less than a week after the attacks in Paris, ISIS became the target of one of the world’s biggest vigilante anti-terrorism campaigns called “Anonymous”. In a video released on YouTube on November 17, a person wearing a Guy Fawkes mask publicly declared war on ISIS. “Anonymous from all over the world will hunt you down,” he vowed. The person also mentioned other offensives Anonymous had launched since the Charlie Hebdo attacks in January this year.

However, intelligence agencies are worried about these vigilante activities as it could cause more harm than help in fighting this terror war. “We can’t just take their [Anonymous’] word for it. If tomorrow, they pinpoint a certain Twitter account or a Facebook profile suggesting that this account holder is a terrorist or the account is being used for terrorism, security agencies can’t act on the basis of that,” Aylor said.

The American cyber-crime attorney pointed out that the online hacktivist group (Anonymous) got it wrong in the Ferguson Cop Support Group case. Anonymous had claimed that it had identified members of the Ku Klux Klan (KKK) at a support rally for police officer Darren Wilson, who had shot and killed a black teen in Ferguson, Missouri. However, a person was also identified by Anonymous as being part of the rally.

“Not like we know who the members are of this group and what their end game is. For now, it may seem uplifting and reassuring that other than government agencies, individuals are also fighting the terror groups, but such vigilantes can’t be encouraged,” Aylor added. 

India – struggling to keep up

These new developments in the world of terrorism sound even more terrifying if you are living in India. Many law enforcement officials working at the ground level haven’t even heard of Twitter, let alone being able to track someone using it. We couldn’t prevent 26/11 Mumbai attacks where the terror group was communicating using cell phones, which can easily be tracked and monitored.

Moreover, our cyber laws-enforcement agencies are so weak that we haven’t even been able to eradicate online lottery scams or other online financial thefts.

Until now, ISIS has only looked to India for recruitment and not so much in terms of an attack on New Delhi or Mumbai. However, ISIS has been using regional terror groups to mount strikes in India.

“Though ISIS has not been able to establish any significant presence in India, its success in radicalising some youth, attracting certain section of the local population/Indian diaspora, or the possibility of piggybacking on terrorist groups operating in India have opened up the possibility of ISIS-sponsored action in Indian territory,” India’s Home Ministry told police officials in a note as reported by Reuters on November 18.

That just means one thing: India will need to seriously step up its game and work in tandem with foreign security agencies. Intelligence officials need to be trained better in cyber warfare if we are to even stand a chance to avert a Paris-like attack. It’s not going to be easy, but there’s not much of a choice.