AHMEDABAD — In a development that has rocked India's cybersecurity landscape, the Gujarat Anti-Terrorism Squad (ATS) has arrested Jasim Shahnawaz Ansari, an 18-year-old youth from Nadiad, for allegedly orchestrating over 50 cyberattacks on Indian government websites. The attacks reportedly intensified after India launched Operation Sindoor in May 2025—a military retaliation to a terror strike in Pahalgam.

According to officials, Ansari, along with other juveniles, formed a Telegram group called AnonSec, where they coordinated Distributed Denial of Service (DDoS) attacks using free tools sourced from platforms like GitHub and Termux. The targets included critical government domains in the defense, aviation, finance, and urban development sectors. In several cases, they posted anti-national messages such as, "India may have started it, but we will be the ones to finish it," on defaced websites.

Investigators said the group used YouTube tutorials and open-source software to learn Python programming and execute attacks. Ansari allegedly used tools like PyDroid to overwhelm government servers with digital traffic. The ATS believes the group learned to verify the success of their attacks using platforms like checkhost.net and then bragged about their exploits in online chat groups.

While many of the attacks were rudimentary in nature, the sheer volume and timing—coinciding with Operation Sindoor—raised red flags across intelligence agencies. The Gujarat ATS initiated surveillance and monitoring after picking up chatter on cyber-forums related to India's military activities and eventually zeroed in on the Telegram channels where attack blueprints were openly discussed.

What has stunned investigators is not just the audacity of the attacks but the demographic behind them. Ansari, a class-12 science student who reportedly failed recent exams, is part of a growing group of minors involved in cyber subversion. ATS officials confirmed that at least one more 17-year-old juvenile is under the scanner.

The ATS is now probing whether these teenagers acted alone or were encouraged by foreign handlers. "There is a possibility of influence from external hostile entities. We are examining digital footprints to uncover any deeper affiliations," said a senior ATS official. FIRs have been filed under Sections 43 and 66F of the IT Act, pertaining to cyber terrorism.

As India faces an evolving threat matrix that includes both physical and digital fronts, the arrest of a teenager behind such coordinated cyberattacks raises troubling questions about national resilience, online radicalization, and the ease with which digital warfare can be weaponized by the young and angry.