Escaping the honey trap

How India can deal with an age-old spy craft that has been reinvented for the digital age

October 23, 2019 12:02 am | Updated 09:45 am IST

”For millennia, spies across the world have used sex to encircle people and get access to valuable information.” The Same Sky, a 2017 TV series, revolves around the relationship between an East German ‘Romeo’ agent and his female target in the West.

”For millennia, spies across the world have used sex to encircle people and get access to valuable information.” The Same Sky, a 2017 TV series, revolves around the relationship between an East German ‘Romeo’ agent and his female target in the West.

In June, it was discovered that a Pakistani spy going by the Facebook name “Sejal Kapoor” had hacked into the computer systems of more than 98 personnel of various defence forces, including the Indian Army and the Indian Air Force, between 2015 and 2018. “Sejal” had lured these personnel (mostly men) by using the oldest trick in the book — honey traps — served with a new-age digital twist. She showed them videos and pictures via a malware originating from West Asia. Amongst other things, classified details of the BrahMos missile programme were leaked to Pakistan. Two viruses, Whisper and GravityRAT, were used with more than 25 Internet addresses to mask her actual identity.

Malware is short for malicious software. It is designed to either gain access to or damage someone’s computer network. For example, ransomware is a kind of malware. Compared to traditional methods of honey trapping, this operation was swift, clean, and without any physical risk to the enemy. Moreover, unlike physical affairs, this one was scalable — “Sejal” managed to lure multiple targets simultaneously.

The Military Intelligence wing together with the U.P. Anti Terrorist Squad cracked the “Sejal” case leading to the arrest of BrahMos senior engineer, Nishant Agarwal. There is no estimate of how many more are yet to be exposed, since malware can lie dormant for months or years before being detected. To give an idea of the danger, Facebook admitted that up to 270 million of its accounts are fake. These are mostly bots or honey traps.

History of honey traps

In the world of intelligence, information is the principal currency. Sex, or the promise of it, has always been an enigmatic subject. For millennia, spies across the world have used sex to encircle people and get access to valuable information. Some years ago, MI5 released a memo warning British banks and businesses against the threat of Chinese ‘sexpionage’. During World War II, Salon Kitty, a Berlin brothel, was used by the German intelligence service for espionage. Before the fall of the Berlin Wall, East Germany recruited men to seduce women in important positions in West Germany. The story of such ‘Stasi Romeos’ is well documented in Marianne Quoirin’s book, Agentinnen aus Liebe ( The Spies Who Did It For Love ). By some accounts, the Soviet Union had a school called State School 4 in Kazan, south east of Moscow, which was used to train officers in the art of honey trapping.

Today, the nature of honey trapping has changed. With all aspects of our life turning virtual, from shopping to dating, it was only natural that the art of honey trapping too would turn digital. There are two ways of entrapping someone online. The first is via a social media profile, by infecting their lives and devices. The second is to find someone on adult sites and inject malware into their phones and computers. According to reports, three of the world’s 20 most visited websites are pornographic-related sites. It is important to note that 25% of all Android malware is porn-related. A 2017 study found that a hacker collective known as KovCoreG had been targeting millions of users of the site PornHub, tricking them into installing viruses on their computers. Such an effort can lead to long periods of blackmail and information-sharing; sometimes it is a one-off intelligence grab. It is also important to note that women are as vulnerable to the same hacks as men in honey trapping.

What is the modus operandi for honey-trapping people? According to a report, a young and pretty woman may ‘like’ the photographs posted by a soldier on social media and leave a comment saying something like, “Wow, Jai Hind!” or “Thank you for keeping us safe”. The conversation eventually moves to intimate messages over WhatsApp. It turns out later that this online patriot woman is actually a spy looking to extract valuable information through blackmail.

Cracking the whip

So, what is India doing about this? In February this year, in a written response to a question in the Rajya Sabha, Minister of State for Defence Subhash Bhamre said the Army reported two cases of honey-trapping in 2015 and another two in 2017. The Indian Air Force reported one case in 2015, while the Navy did not report any. As a result, advisories were issued. The military intelligence is carrying out selective checks on phones, laptops and desktops of officers and soldiers in sensitive areas, sources say. The Army has described honey-trap cases as a weapon of hybrid warfare being waged by the enemy across the borders. Army Chief General Bipin Rawat has cracked the whip on social media usage. A list of dos and don’ts have been prepared. An information warfare team is being set up at the Army headquarters. Suspected Twitter handles and Facebook accounts have also been identified.

What India can do

There are other countermeasures that must be employed. For example, the Federal Bureau of Investigation runs fake child pornographic websites to catch offenders of the same crime. Other measures that India could take include investing in the latest technologies for early and better detection of viruses; conducting frequent workshops to sensitise defence personnel against cyber risks; conducting timely reviews and audits of all devices; developing better protocols in the event of contamination; developing a methodology to embed dormant malware in all sensitive data and devices which will be able to track the bad actors and destroy the documents with a programmed kill switch; and developing a doctrine to hit back. The Defence Cyber Agency should be leveraged towards this end. Besides this, best cyber practices must be built amongst fresh recruits.

From killer drones to cyberattacks, modern warfare is becoming more and more faceless. Moreover, unlike conventional warfare, the cost and barrier to entry into enemy territory has gone down drastically. Malware is readily available on the darknet to anyone with a cryptocurrency wallet. So, every keyboard is practically a weapon.

In this information age, the enemy will be relentless and continue to invest and recruit heavily in these methods. India needs to act fast to deter such threats.

Vinayak Dalmia is a lawyer and writer. He is an expert on issues of national security, technology, geopolitics & foreign affairs. Email:

Top News Today

Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.