A new form of terrorism called ‘Cyber Jihad’, reportedly orchestrated by ISI-backed terror masterminds across the border, has been launched to bypass the strong counter-terrorism framework in Jammu and Kashmir.
The Counter Intelligence Kashmir (CIK) wing of the Jammu and Kashmir Police has uncovered and dismantled five digital modules that were running this operation. These modules were part of a broader strategy aimed at radicalizing local youth through encrypted online platforms, spreading extremist propaganda, and recruiting them into terrorist outfits.
Terrorist commanders have shifted their modus operandi, leveraging digital platforms under the banner of Cyber Jihad. They are now targeting vulnerable youth online, spreading misinformation, and recruiting for terror organizations using encrypted communication apps like Signal, Telegram, WhatsApp, Wire, and Session. These platforms are chosen specifically for their end-to-end encryption, making it difficult for intelligence agencies to intercept communications.
Initial contact is often made through public social media platforms such as X (formerly Twitter), Instagram, or Facebook. The handlers monitor posts expressing dissent or religious fervour and then move the conversation to private encrypted apps for indoctrination and recruitment.
Propaganda materialsranging from videos glorifying terrorism to fabricated stories of atrocities by Indian security forcesare shared with potential recruits. Audio messages invoking religious duty or “jihad” are also circulated. Terrorists often exploit youth dealing with political grievances, unemployment, or personal challenges.
The youth targeted are generally under 25 and come from specific socio-economic backgrounds. Handlers work to make them feel understood and connected, often posing as mentors or spiritual guides.
Pakistan-Based Network Behind Operations
Groups like Jaish-e-Mohammed (JeM), Lashkar-e-Taiba (LeT), The Resistance Front (TRF), and Hizbul Mujahideen (HM) are primarily behind these digital campaigns, with support from Pakistan’s Inter-Services Intelligence (ISI). A key figure identified in recent operations is Abdullah Ghazi, a senior Jaish-e-Mohammed member who ran a digital recruitment cell from Rawalpindi. Ghazi radicalized youth through encrypted chats, promoting terrorism as a path of valor and religious duty. His operation was sophisticated, involving step-by-step indoctrination, training, and task assignment.
The CIK, with support from Indian intelligence agencies, recently launched a major operation against this digital terror module. Ten locations across Srinagar, Budgam, Pulwama, and Ganderbal were raided. The operation used advanced surveillance tools like deep packet inspection, protocol bypass, and geo-tracking to trace Ghazis digital movements and dismantle his network. This was the fifth major cyber module busted by CIK.
Previous Cyber Modules Busted:
* Terror Funding Module (LeT): Operated by a Pakistani handler known as Sumama alias Babar alias Ilyas, this module focused on smuggling funds from Gulf countries to support recruitment and operations in Kashmir.
* Extortion Module (Hizbul Mujahideen): Run by Janbaaz Ghazi alias Ghazi Baba, this unit extorted money from local residents to fund terror activities.
* Courier Recruitment Module (Ansar Ghazwat-ul-Hind): * Managed by Baba Hamas alias Hanjullah, this group attempted to recruit youth as couriers for arms and ammunition.
* Religious Radicalization Module (Tehreek Labaik Ya Muslim – TLM): Led by the same handler, Baba Hamas, this faction pushed radical narratives and encouraged youth to join terror outfits.
CIK’s Response and Challenges Ahead
SSP Tahir Ashraf Butti of CIK confirmed that five digital modules have been neutralized so far, and several individuals have been arrested. He emphasized, “Pakistan is trying its best to radicalize local youth and push them towards terrorism, but our operations are ongoing to stop this recruitment drive. This effort will continue.”
The shift toward digital recruitment comes in the wake of a steep decline in local terrorist recruitment in Jammu and Kashmir. Official data reveals that only one new local recruit has emerged in 2025marking the lowest number in the past 36 years. A large portion of local terrorists recruited between 2019 and 2023 have been neutralized, and Over Ground Workers (OGWs) have also dwindled due to security crackdowns. This has forced Pakistan to rely on cyber tactics to sustain terrorism.
Online Recruitment Tactics
Handlers exploit personal vulnerabilitiesromantic issues, family disputes, or a desire for social recognition. Some youth are lured by religious rhetoric, others by promises of fame or money. Once radicalized, they are assigned roles such as transporting weapons, gathering intelligence on security forces, sharing propaganda material online and executing low-level attacks like grenade lobbing or graffiti campaigns.
Encrypted instructions often use coded languagebooks for weapons, meetings for attacks, and walks for arms movement. Recruits are promised financial rewards, with payments made via hawala, crypto, or anonymous cash drops, according to statements from arrested youth.
SSP Tahir Ashraf Butti reiterated, Our mission is to prevent youth from being misled. These efforts by the enemy are deliberate and systematic, but we are identifying modules, monitoring communications, and taking timely action. We will not let our youth be used as pawns in a proxy war.
Cyber Jihad has emerged as Pakistans latest tactic to continue its disruptive agenda in Kashmir while maintaining plausible deniability. The involvement of ISI, encrypted tools, and sleeper cells showcases a dangerous shift in terror operations, requiring continuous vigilance and advanced countermeasures.