How the Pahalgam attack forced a radical security shift in J&K

On April 22, 2025, a terrorist attack at Baisaran meadow near Pahalgam (Anantnag district, Jammu & Kashmir) killed 26 civilians — 25 tourists and one local p...

What Happened

On April 22, 2025, a terrorist attack at Baisaran meadow near Pahalgam (Anantnag district, Jammu & Kashmir) killed 26 civilians — 25 tourists and one local pony operator — and injured approximately 20 others.
The attack, attributed to militants linked to Lashkar-e-Taiba, was carried out by at least three armed terrorists using M4 carbines and AK-47s, targeting tourists in a popular high-altitude meadow.
In the one year since the attack, security agencies have implemented a multi-layered response: enhanced intelligence operations, technological verification systems, expanded Cordon and Search Operations (CASO), and institutional coordination.
Approximately 46 militants have been killed in counter-operations since the attack, including those linked to the Pahalgam incident.
The National Investigation Agency (NIA) formally took over the investigation from J&K Police on April 27, 2025.
The attack forced a significant rethink of tourist-area security, leading to the introduction of a QR code-based verification system for all tourism service providers in sensitive zones.

Static Topic Bridges

Cordon and Search Operations (CASO) — Counter-Terrorism Doctrine in J&K

CASO is a standard counter-insurgency technique used by Indian security forces in Jammu & Kashmir. It involves surrounding a suspected militant hideout with a multi-layer cordon (outer and inner), followed by a systematic search of the cordoned area. Joint operations typically involve the Indian Army, Central Reserve Police Force (CRPF), and J&K Police.

CASOs are conducted under the Armed Forces (Special Powers) Act, 1990 (AFSPA) in areas where AFSPA is in force; J&K's status under AFSPA has been progressively reduced — it was revoked from most of the Kashmir Valley in 2022.
Post-Pahalgam, the scope of CASOs was expanded geographically and extended beyond direct militant contact to include intelligence-based pre-emptive operations targeting financiers, overground workers (OGWs), and logistics networks.
The strategic shift marks a move from reactive cordon operations to proactive network dismantlement — targeting the entire terror ecosystem rather than only armed operatives.
Joint operations in Kulgam district (2026) extending over four or more days exemplify the more sustained operational tempo adopted post-Pahalgam.

Connection to this news: The security overhaul described in the explainer is premised on expanding and systematising CASO methodology beyond traditional hot-pursuit operations, reflecting lessons from the intelligence failures that preceded the Pahalgam attack.

The National Investigation Agency (NIA) — Jurisdiction and Role

The NIA was established under the National Investigation Agency Act, 2008, enacted in response to the November 2008 Mumbai attacks. It is India's central counter-terrorism investigation agency with suo motu powers to investigate scheduled offences across state boundaries without requiring state consent.

NIA has jurisdiction over offences under Acts including the Unlawful Activities (Prevention) Act (UAPA), Explosives Substances Act, Arms Act, and offences related to terrorism financing.
The NIA's mandate includes tracing financial networks of terrorist organisations — a significant aspect of post-Pahalgam investigation given concerns about external funding.
The MHA's Counter Terrorism and Counter Radicalisation (CTCR) division ordered the NIA takeover of the Pahalgam case, bypassing the conventional state police investigation.
NIA has concurrent jurisdiction with state police but in practice takes primacy once formally assigned.

Connection to this news: NIA's takeover from J&K Police signals the attack's categorisation as an externally directed terrorist conspiracy, warranting the highest level of investigative resource and inter-agency coordination including with intelligence agencies.

Tourism Security and Verification Infrastructure in Conflict-Affected Areas

The Pahalgam attack exposed a gap in security for remote tourist sites in J&K, where tourism service providers (pony operators, vendors, guides) had historically operated without systematic verification. The response has created a new model of layered civilian verification tied to digital identity infrastructure.

A QR code-based verification system has been deployed for all tourism service providers in Pahalgam and surrounding sensitive zones.
Over 7,000 registered workers (pony handlers, vendors, hospitality workers) have been issued unique QR codes linked to: name, address, Aadhaar number, mobile number, police verification status, registration details, and operational route.
Tourists can scan the QR code to verify a service provider's identity in real time — converting a passive security measure into a citizen-participatory verification system.
Each service provider underwent police verification and background checks before issuance.
The system integrates with Aadhaar, India's biometric digital identity infrastructure (governed by the Aadhaar Act, 2016), demonstrating a use case for national ID in security-sensitive contexts.

Connection to this news: This QR verification model may become a template for security at other vulnerable tourist sites in India. It also illustrates how technology — specifically digital identity infrastructure — can be deployed as an internal security tool.

Lashkar-e-Taiba and Cross-Border Terrorism in J&K

Lashkar-e-Taiba (LeT) is a Pakistan-based terrorist organisation banned in India under the UAPA and designated as a terrorist organisation by the United Nations Security Council (Resolution 1267 Committee). It has been responsible for major attacks including the 2008 Mumbai attacks.

LeT was founded in 1987 and operates from Pakistan with reported links to Pakistan's Inter-Services Intelligence (ISI) directorate.
The UNSC designated LeT as a terrorist entity in 2005 under Resolution 1267.
Its affiliated organisation The Resistance Front (TRF) has claimed responsibility for a number of attacks in J&K, including the Pahalgam attack.
India has repeatedly raised LeT-linked terrorism at UNSC, FATF, and in bilateral diplomatic channels demanding Pakistan act against designated terrorist groups on its soil.
FATF's grey-listing of Pakistan (2018–2022) was partly triggered by Pakistan's failure to act against LeT.

Connection to this news: The attribution of the Pahalgam attack to LeT-linked militants reinforces India's longstanding position at international forums that cross-border terrorism from Pakistan remains the primary security challenge in J&K.

Key Facts & Data

Pahalgam attack date: April 22, 2025, at Baisaran meadow, Anantnag district, J&K
Casualties: 26 killed (25 tourists + 1 local pony operator), ~20 injured
Weapons used: M4 carbines and AK-47 assault rifles
Attribution: Militants linked to Lashkar-e-Taiba (via The Resistance Front)
NIA takeover: April 27, 2025, ordered by MHA's Counter Terrorism and Counter Radicalisation (CTCR) division
Militants killed in subsequent counter-operations: approximately 46 (as of April 2026)
Persons questioned post-attack: more than 2,800; more than 150 taken into custody
QR-verified tourism workers in Pahalgam zone: more than 7,000
Tourist footfall in Pahalgam post-attack: 1,000–1,500/day (vs. 3,000–5,000 before attack)
NIA established by: National Investigation Agency Act, 2008
LeT designated by UNSC: 2005 (under Resolution 1267)
AFSPA revoked from most of Kashmir Valley: 2022