Home Crisis Management Lessons Learned from the 26/11 Mumbai Terror Attacks
Lessons Learned from the 26/11 Mumbai Terror Attacks

Lessons Learned from the 26/11 Mumbai Terror Attacks

Start an intelligence studies degree at American Military University.

By Joshua Kelley, student, Intelligence Studies at American Military University

In March 2019, the movie Hotel Mumbai was released, reigniting public interest in the complex and coordinated terrorist attacks in November 2008 in Mumbai, India (also referred to as 26/11).

The preplanned, highly coordinated series of attacks were carried out by members of the Lashkar-e-Taiba (LeT) terrorist organization, who also refer to themselves as the Army of the Righteous. Beginning on the evening of 26/11, they set out on a four-day attack in the coastal city.

The LeT attackers traversed more than 500 nautical miles of open sea from Kashmir to the port of Mumbai in a stolen Indian trawler vessel. Ten LeT attackers, initially split into one team of four and three teams of two, carried out seven to 10 individual, but coordinated attacks. The attacks included improvised explosive devices, armed assaults, grenade attacks, carjacking, drive-by shootings, murder, barricading, and hostage-taking situations.

The terrorists attacked two popular hotels, including the famed Taj Mahal Palace Hotel where 1,700 people were located that night. The attack at the Taj Hotel only narrowly missed American statesman, Henry Kissinger, and Israel’s deputy foreign minister who were staying at another popular hotel frequented by Western tourists and diplomats. The terrorists also attacked a busy train station terminal, a hospital, a Jewish community center, a movie theater, and a Jewish-owned café.

In all, these attacks left 165 persons dead (among them 26 foreigners); 300 other individuals maimed or wounded; and nine terrorists dead. The attack is estimated to have caused $30 to $40 billion in economic damage.

Highly Coordinated Attacks with Military Precision

The terrorists demonstrated a high degree of planning, preparation, expertise, and execution. They were able to sustain the attack for approximately 60 hours due largely to their protracted and militaristic training cycles. The complexities of the coordinated urban attacks imply significant paramilitary training from unscrupulous sources.

The attacks were supported with unprecedented command and control led by coordinators in nearby Pakistan. These coordinators directly supervised the attacks and monitored Twitter feeds, television broadcasts, and internet activity about the unfolding events. This allowed them to provide terrorists on the ground with real-time instructions and situational awareness. The group also set up satellite communication and other systems to aid in extensive command and control capabilities.

It is believed the terrorists spent more than 18 months preparing and planning the series of attacks. Perpetrators accessed satellite images of the terrain and sketches of building interiors, which gave them a detailed understanding of the Taj Hotel’s layout as well as nuanced details of other attack sites. They also conducted detailed in-person reconnaissance and physical surveillance to prepare for the attack. One perpetrator conducted numerous physical surveillance missions within Mumbai and exchanged indicting emails with LeT senior planners. The terrorists also spent time learning urban land navigation and how to get around the large, sprawling city of Mumbai. They also learned how to build, handle, and deploy explosives.

The precision and coordination of the attacks made it incredibly difficult for law enforcement to effectively respond and stop the attack. The attacks killed many of India’s top first responders, leaving authorities stunned and handicapped. Although the Home Minister deployed India’s counterterrorism response force and the National Security Guard (NSG) within two hours of the attack, it took considerable time for them to deploy to the areas under attack because of a lack of crisis response readiness, insufficient equipment availability, and minimal knowledge or planning among government agencies regarding resources.  The NSG, for example, were not on scene until the following morning, a full 10 hours after the attack began. Unfortunately, many victims had been killed by that time.

Who Are the LeT and Why Attack Mumbai?

In the 1990s, when the LeT terrorist organization began, members were based near the city of Kashmir, Pakistan and campaigned as Kashmiri separatists. Their mission has since evolved and today, the LeT have an Islamic jihadist agenda, maintaining close ties to the Pakistani Inter-Services Intelligence (ISI).

The LeT voiced possible motivations for the 26/11 attacks via telephone interviews with news broadcasters during the attacks. Based on the facilities and personnel they chose to target, experts believe there was an anti-India, anti-Israel, and anti-West motivation behind the attacks.

The attackers likely chose the city of Mumbai because it is a center of commerce as well as a tourist destination, thus affording the attackers ample opportunity to perpetrate devastating violence. The terrorists indiscriminately fired at helpless victims at many of the city’s highly trafficked tourist attractions in order to cause the most carnage and capture the world’s attention.

Could the Attacks Have Been Stopped?

None of LeT’s online or physical preparations for the attack were recognized or acknowledged by the public, Indian security officials, or other intelligence agencies. During the 26/11 attacks, the terrorists exploited the jurisdictional seams that existed among agencies along the Indian coast and as a result were able to break through undetected by authorities. The terrorists capitalized on the poor port security of Mumbai and approached in a rubber dingy. The rest is history.

After the attacks, it was discovered that British, American, and Indian intelligence agencies all had pieces of intelligence indicating an upcoming attack on the shores of Mumbai. It was even revealed after the attacks that the U.S. intelligence community (IC) had actually warned the Indian Research and Analysis Wing (RAW), an equivalent to the CIA, of possible attacks in mid-October 2008.

RAW had also intercepted pre-attack transmissions from LeT members about sea-borne attacks against India. There were hints of LeT surveillance operations, but terrorist planners went undetected. These indicators remained unshared and ignored until after the opening shots of the terrorist attack.

Ultimately, RAW was unprepared for a maritime attack and did not anticipate a coastal hostile penetration through its congested waterways. The Indian authorities focused their intelligence collection efforts away from their own coastal waterways, which allowed the LeT terrorists to infiltrate through the maritime entrance.

Lessons Learned from the 26/11 Attacks

Security services must do a better job of monitoring open-source and self-reporting online outlets including social media platforms. Intelligence agencies must actively monitor these platforms for indicators of terrorist activity as well as discussions that occur during an attack. It’s also important for security agencies to dissuade the public from disseminating operationally sensitive information during an attack, which could compromise rescuers and victims alike.

Another important lesson is that of maintaining a coherent counterterrorism strategy that emphasizes the protection of high-threat locations. The Indian government was not prepared for the scope of such an attack in such a densely populated location. The Indian government, and governments around the world, must constantly improve their crisis response strategies and enhance the capabilities of respondent forces and investigative agencies.

Finally, improvements must be made to counter-surveillance operations. The Indian intelligence apparatus must enhance their ability to analyze information shared with them through liaison relationships, which is the crux of a security organization’s responsibility. It should also encourage the public to remain vigilant for suspicious behavior, whether in-person or online.

While the scale of the 26/11 terrorist attacks was something the world had never seen before, the lessons that have emerged from them can help governments better prepare for, and respond to, future devastating attacks.

About the Author: Joshua Kelley is an active-duty member of the United States Army Special Operations Forces Community with 18 years of experience in weapons, tactics, intelligence analysis, and operations. He is currently a student at American Military University, earning his bachelor’s degree in Intelligence Studies. To contact the author, email IPSauthor@apus.edu. For more articles featuring insight from industry experts, subscribe to In Public Safety’s bi-monthly newsletter.



  1. Greetings Joshua,

    Thank you for your service. The coordinated attactacks, or the name I like to assimilate them with is orchestrated attacks, were methodical and strategically a practice for a more larger scale event in the future. As we know and not have learned from history, it maybe years before the true event unfolds. And, the demographics maybe inconsequential to the practice events.

    I enjoyed your article. It was a good read.


Your email address will not be published. Required fields are marked *