Gujarat ATS Nabs 18-Year-Old in Nadiad for Orchestrating Series of Cyber Terrorism Attacks on Indian Government Websites
In a major development on the cybercrime front, the Gujarat Anti-Terrorism Squad (ATS) arrested an 18-year-old youth, Jasim Shahnawaz Ansari, from the town of Nadiad on Monday, for his alleged involvement in a series of cyber terrorism attacks targeting Indian government websites.
The arrest has sent shockwaves across intelligence and cybersecurity circles, particularly because the accused is just a teenager and had self-learned hacking techniques through free online resources.
According to statements released by the Gujarat ATS, Ansari was allegedly part of a coordinated cyber campaign carried out during April and May 2025, in which more than 50 official websites belonging to various Indian government departments were targeted.
These included sensitive portals linked to national defence, aviation, finance, urban development, and several state government agencies. Investigators say the intensity of the attacks surged following India’s launch of Operation Sindoor, a military response to the Pahalgam terror attack that occurred earlier this year.
Radicalized Online and Operating Under the Radar
The arrest was made following surveillance operations and intelligence inputs gathered through digital tracking. ATS officials revealed that Ansari was not acting alone—he was allegedly working with a group of other juveniles, some of whom are still being identified and traced.
The group had created and operated through a Telegram channel named ‘AnonSec’, a reference to ‘Anonymous Security’, where they planned and executed coordinated cyberattacks, specifically DDoS (Distributed Denial of Service) attacks. These attacks aim to crash websites by flooding them with excessive traffic, rendering them inaccessible.
What is particularly alarming is how Ansari learned to carry out these complex attacks. ATS officials disclosed that he taught himself Python programming using YouTube tutorials, downloaded hacking tools from platforms like GitHub, and operated these tools through Android-based apps such as Termux and Pydroid—both commonly used by amateur programmers and ethical hackers.
However, Ansari used them for malicious purposes, effectively turning free educational platforms into gateways for cybercrime.
Propaganda, Glorification, and Online Boasting
The Gujarat ATS further stated that once Ansari and his team launched attacks, they would verify their success using tools such as checkhost.net, a platform that allows users to test the availability and performance of websites across different global servers.
Screenshots of successful attacks were then posted in the Telegram group along with anti-India messages, celebrating their exploits.
One of the messages reportedly shared by the group read: “Hi India, we just took down your shield and servers.” Other posts reflected similarly aggressive and provocative sentiments, suggesting not only cyber malice but a deeper ideological radicalization.
After Operation Sindoor was initiated by India on May 7, 2025, the attacks intensified.
That same day, 20 Indian government websites were reportedly brought down or severely disrupted. Group members posted defiant messages such as, “India may have started it, but we will be the ones to finish it,” according to ATS officers.
Juvenile Network Under Scrutiny
The ATS is now probing the extent of Ansari’s network and whether the juveniles involved had any connection with foreign handlers or extremist organizations. One of the individuals associated with the group is reportedly 17 years old and currently studying in class 12, while Ansari himself had recently failed his class-12 science exams.
Officials are not ruling out the possibility that these youths were influenced or manipulated through encrypted platforms and are exploring digital footprints, online chats, and the origin of their tools for further clues.
“Our investigation aims to determine if Ansari and his group were operating independently out of curiosity and rebellion, or whether they were guided by external anti-national elements, possibly with international links,” said a senior ATS officer.
The ATS has registered an FIR under Sections 43 and 66F of the Information Technology Act, which deal with unauthorized access, data breaches, and cyber terrorism. These are serious offences, carrying severe legal consequences, including long-term imprisonment.
A Wake-Up Call for Cybersecurity Agencies
This incident has raised red flags across India’s cybersecurity and law enforcement networks. Experts warn that young, tech-savvy individuals with ideological motivations or personal frustrations are increasingly turning to cybercrime as a means of expressing dissent or asserting control.
The Ansari case demonstrates the urgent need for digital literacy, mental health counseling, and online radicalization prevention efforts among young internet users.
Authorities are continuing their investigation to trace all the co-conspirators involved in the cyberattacks, examine the full extent of the damage done to digital infrastructure, and fortify vulnerable government networks against similar threats in the future.
