More than 10 bomb threats targeted Indian carriers on Monday and Tuesday; many of them were posted on social media by unverified users
Air India airline passenger aircraft parked at the Chhatrapati Shivaji Maharaj International Airport in Mumbai, India. Photo: Reuters file
Bomb threats on flights are not to be taken lightly. Public safety is paramount and every threat should be considered real unless the suspect/s is/are identified and the authorities can confirm that the threat has been neutralised.
This was emphasised by UAE-based security and technology experts after a string of hoax bomb threats disrupted several Indian flights over the past three days.
“Any bomb threat may cause fear, panic, confusion, scepticism, chaos and disruption, among other psychological effects for passengers. It may trigger an excessive response, such as evacuating an airport terminal building or diverting an aircraft to land in the first available airport. The cost is exponential for airlines – every hour of disruption could cost an airline anywhere from $20,000 to $200,000,” Dubai-based IT security expert Rayad Kamal Ayub told Khaleej Times.
Stay up to date with the latest news. Follow KT on WhatsApp Channels.
“These actions may not be commensurate with the actual threat and entail huge financial costs, such as scheduling nightmares for airlines and airports, and disruption to hundreds or thousands of travellers,” he noted.
“But public interest must always prevail and every threat should be considered real unless the suspect is identified and the authorities can confirm the threat has been neutralised,” he underscored.
More than 10 bomb threats targeted Indian carriers on Monday and Tuesday. Many of them were posted on social media by unverified users, whose accounts were already suspended, Indian authorities noted.
Irene Corpuz, founding partner and board member of Women in Cybersecurity Middle East, said: “Any bomb threat can be terrifying for passenger. But they must cooperate with airline crew and security agencies.”
Irene Corpuz
“Threats are concerning but passengers should not be paralysed by too much worrying,” she added, assuring: “Authorities will treat any bomb threat as serious, unless proven otherwise.”
“The social media accounts of those who have posted the bomb threats have already been suspended. That's one action done, and investigations will continue,” Corpuz added, noting: “Authorities will use IP (internet protocol) tracking, metadata analysis, and collaborate with social media platforms, as well as international agencies.”
“The public on the other hand,” Corpuz advised, “must only look at legitimate sources to get further updates on the situation. They must always verify other sources and must be aware of deepfake, where AI (artificial intelligence) is used to replicate voices and even faces to make hoaxes or scams more realistic and believable.”
“The process of bomb threat assessment is not for the faint-hearted. It requires making a well-grounded decision on a potentially life-threatening scenario within a very limited time frame and, more often than not, with little information,” noted Ayub, who is managing director of Dubai-based Rayad Group.
Rayad Kamal Ayub
He added: “Any bomb threat, regardless of its classification, must be communicated to the local authorities in order for them to initiate an investigation. All details, including the decision-making process and the conclusions reached, should be provided to them as well as to the appropriate authorities.”
Ayub also highlighted the importance of selecting and training suitable assessors, along with implementing periodic exercises to test the effectiveness of the bomb threat management plan.
“Organisations that seek to protect both their interests and the wellbeing of the travelling public should understand the vital importance that this role plays in separating the wheat from the chaff, or, in this case, a genuine threat from a hoax,” he added.
Ayub also detailed how to identify the person/s behind the recent bomb threats, noting the process of identification would require painstaking hard work and lots of data analytics, as well as seamless coordination between law enforcement authorities (LEAs) and ISP/TSPs (internet and telecom service providers).
Ayub said the first step is to approach the ISP/TSP to identify the suspect’s IP and internet protocol detail record (IPDR).
“IPDR records would contain multiple users who were assigned a particular IP, so further analysis based on application usage patterns would be required to shortlist the suspect from other users identified,” he explained.
After narrowing down the suspects, authorities must carry out investigation on the suspect/s as per traditional practices.
He noted: “The probability of tracking IPs depends on the complexity of infrastructure used by the suspect. Seasoned criminals would leave no traces when communicating through Tor network (an overlay network for enabling anonymous communication.)
However, approaching CERT (computer emergency response teams) and private CTISP (cyber threat intelligence service providers) with relevant information available could prove effective in investigations,” he added.
Ayub underscored: “We need industry experts and the government to come together to solve these challenges and take the responsible entities to jail.”
ALSO READ:
Angel Tesorero is Assistant Editor and designated funny guy in the newsroom, but dead serious about writing on transport, labour migration, and environmental issues. He's a food lover too.