ON April 29, 2026, the Punjab Police apprehended four individuals implicated in the attempted detonation of a railway track near Shambhu in Patiala district on April 27. Described as “radicalised habitual criminals", these suspects operated a Khalistani terror module with logistical and financial support from Pakistan’s ISI. Pardeep Singh Khalsa, the module’s leader, maintained operational links with Malaysia-based Khalistani operatives and Pakistan-sourced arms suppliers.
This incident was followed by twin blasts on May 7, the anniversary of Operation Sindoor. The first blast occurred near the BSF Frontier Headquarters in Jalandhar and the second took place near the Khasa cantonment area in Amritsar. A little-known Khalistan Liberation Army claimed responsibility for the Jalandhar blast and threatened more attacks.
While these blasts were symbolic in nature and did not result in any casualties, they demonstrated the capability of terrorist organisations to execute their nefarious designs in Punjab at places and times of their own choosing.
These incidents underscore a persistent pattern of transnational criminal networks exploiting Punjab’s vulnerabilities to execute sabotage, assassinations, extortion, drive-by shootings and attacks on police posts. However, law enforcement agencies continue to rely on reactive measures, thereby responding only after threats have manifested, and this sustains the ongoing cycle of violence.
A paradigm shift towards proactive measures, focussed on monitoring electronic and physical signatures, is essential to neutralise anti-national elements systematically. It is an accepted fact that the criminals are extremely vulnerable during the pre-attack cycle — receiving instructions from their handlers, the processes of information and resource-gathering, and reconnaissance of their intended targets.
The Shambhu plot and the twin blasts within 10 days are part of an escalating continuum. Intelligence reveals that Khalsa’s network procured commercial explosives, assembled IEDs and reconnoitred targets — hallmarks of ISI-orchestrated modules.
This aligns with the 2025 trends: over 25 incidents, including assassinations and grenade attacks, were traced to Canada/UK-based gangsters. These actors leverage encrypted communications, UAVs for arms smuggling, and radicalisation via social media to recruit local proxies, often disenfranchised youth. These cases, as per NIA dossiers, reveal commonalities: foreign directives via apps, local execution and detectable precursors.
Proactive disruption hinges on intercepting signatures emitted before an attack. Electronic traces (communications, finances) and physical indicators (reconnaissance) offer actionable intelligence windows. To disrupt this cycle, the Punjab Police must institutionalise signature-based monitoring — discrete electronic and physical indicators preceding attacks.
This demands a multi-layered framework. There is a need to establish a state-wide information grid, integrating panchayat leaders, ex-servicemen and community watch groups. Incentivised reporting protocols for precursors, like bulk chemical purchases or covert assemblies, should also be put in place.
A dedicated mobile application, integrated with the Punjab State Intelligence Grid, would enable geo-fenced, real-time alerts. Analytical fusion centres must corroborate HUMINT (human intelligence) with open-source intelligence, reducing false positives.
Terror operations also emit detectable digital footprints. In this regard, stringent SIM verification via Aadhaar linkage, monitoring unusual increases in cellular traffic in particular areas and tracking suspicious coded telecommunication intercepts under the expanded IT Act powers would be helpful.
In Shambhu, pre-attack communications with Malaysia could have triggered automated alerts. Utilisation of AI-driven content moderation on platforms like Telegram should also be carried out to identify radicalisation vectors.
Criminals generally provide suspicious signatures to a vigilant person who may be in the vicinity. Public contribution to counter this activity will make it extremely difficult for terrorists to further plan and execute their nefarious designs and may lead to disruption of their plans.
This observant and security-sensitive attitude needs to be sustained at all times so that it becomes second nature. At present, emphasis is placed on it for a few days after a terrorist attack has occurred, lulling everybody into complacency soon after.
Reactive policing yields tactical successes like post-incident arrests but fails strategically. Security of the citizens entails preventing, deterring, pre-empting and defending against attacks. Prevention involves countering threats before they become manifest. In the final analysis, the major element of prevention is detecting threats in advance, with enough specificity and warning to take preventive action.
India already has an extensive technology base and much of the available technology can be adapted for deployment in the fight against terrorism. Punjab needs to reorient its law enforcement and counter-terrorism approach to prevent incidents rather than react to them.
