This assessment examines critical lapses in intelligence and counter-terror oversight that enabled Sheikh Sajjad Gul—now identified as the mastermind of the April 22, 2025, Pahalgam terror attack that claimed 26 lives. The intelligence failures allowed him to operate undetected across multiple Indian states, reestablish terrorist infrastructure, and lead a Pakistan-backed proxy group from abroad.
Gul’s long-standing involvement in terror activities dates back to his 2002 arrest in Delhi with 5 kg of RDX. Despite a conviction and 10-year prison sentence, his post-release trajectory reveals severe blind spots in monitoring, tracking, and inter-agency coordination. After reportedly relocating to Pakistan in 2017 and assuming leadership of The Resistance Front (TRF)—a Lashkar-e-Toiba (LeT) front—he orchestrated several high-profile attacks in Jammu and Kashmir.
Of particular concern is the revelation that Gul stayed in Kerala to pursue a lab technician course, a fact that remained unknown to state intelligence units until recently. Furthermore, he successfully established a diagnostic lab in Kashmir that allegedly served as a logistical hub for militant operatives. These developments expose significant systemic failures in threat profiling, cross-state data sharing, and post-conviction surveillance.
This report provides a brief framework to analyze where, how, and why intelligence mechanisms failed. The objective is to inform policymakers, security agencies, and intelligence professionals seeking to identify and plug operational gaps before they are exploited again.
NOTE: This is a living document. We will continue updating this assessment as new information emerges and as we draw comparisons with relevant past cases. For the latest version, we encourage readers to revisit this page regularly.
If you value the work we do at GreatGameIndia and want to support our continued investigations and intelligence reporting, we urge you to subscribe to GGI for just $10/month. Your support makes independent analysis like this possible.
Gul was convicted in 2003 for plotting serial blasts in Delhi and served a 10-year sentence. Post-release, he relocated to Pakistan and rejoined terrorism under ISI patronage, eventually leading the TRF.
After prison, Gul set up a diagnostic lab in Kashmir, which was used to support terror operatives. This suggests a complete lapse in monitoring his reintegration and movements post-release.
Despite Gul’s background, Kerala Police only became aware of his time in the state after national media revelations. His stay occurred without any traceable intelligence input or local alert.
Gul moved freely across Indian states for education and work after serving time for terrorism, without raising alerts, pointing to systemic coordination breakdowns.
He completed an MBA in Bangalore and later took a lab technician course in Kerala. No red flags appear to have been raised during admission, indicating possible document forgery or weak ID vetting.
There was no interlinking of terror offender databases with admissions or background verification processes at academic institutions.
Gul relocated to Pakistan after his release, where he was trained by ISI. There is no record of his travel or monitoring of this movement by border or intelligence agencies.
From being an RDX carrier in 2002 to leading the TRF and planning major attacks (2020–2024), Gul’s trajectory went unnoticed until the Pahalgam incident.
The diagnostic lab in Kashmir served as a logistical hub for terrorists. There was no evident financial or operational scrutiny of Gul’s activities.
Gul’s brother, a former doctor and militant, fled to Saudi Arabia and now allegedly funds terror networks. This suggests a missed opportunity for familial surveillance.
Kerala Police stated they had no record of Gul’s stay, indicating failure to track either institutional enrollment or local accommodation databases.
Gul’s Kerala stint remains unverified, with uncertainty over whether it was clandestine. No surveillance infrastructure appears to have flagged this.
