°źÂț”ș

Skip to main content

How Israel's tech warfare in Lebanon ignites supply chain fears

Why Israel's tech warfare and supply chain sabotage set a worrying precedent
6 min read
23 September, 2024
Analysis: Israel's deadly attacks in Lebanon show the devastating potential of turning everyday communication devices into weapons.

On 17 September, Israel launched a major sabotage operation in Lebanon, rigging hundreds of pagers and walkie-talkies used by Hezbollah members with explosives.

This resulted in a coordinated series of blasts, killing at least nine people and injuring over 3,000, including Hezbollah members, civilians, and two children. The following day, on 18 September, a second wave of explosions targeted more Hezbollah walkie-talkies, killing around 30 additional people and injuring over 700.

These unprecedented attacks, which many Lebanese compared to the devastation of the Beirut port explosion of August 2020, have also sparked fears over how everyday technology can be weaponised, marking a shift in modern conflict tactics where even basic communication devices can become deadly tools of warfare.

In-depth
Live Story

A new form of warfare?

The operation disrupted Hezbollah's ability to communicate and demoralised the group, which called the attacks its “biggest security breach” since cross-border skirmishes with Israel began on 8 October 2023.

After all, Hezbollah switched from using smartphones earlier in the year after leader Hassan Nasrallah issued warnings over Israeli surveillance concerns.

“These unprecedented attacks mark a significant escalation in the conflict between Israel and Hezbollah,” Robert Muggah, Co-Founder of SecDev, a geopolitical and cyber risk consultancy, told °źÂț”ș.

“It may also normalise a new form of warfare with potentially far-reaching effects in the Middle East and beyond.”

Following the telecoms attacks, Israel then targeted the southern suburbs of Beirut, killing 45 people in airstrikes, including the second-in-command of Hezbollah’s Radwan unit Ibrahim Aqil and another senior commander Ahmed Wahbi.

On Sunday, Hezbollah fired rockets deeper into northern Israel, targeting an air base near Haifa.

While the United Nations has for de-escalation, Israeli Defence Minister Yoav Gallant declared what he called a “new phase” in the war and said Israeli troops would be diverted to the Lebanese border.

Likewise, Hezbollah’s deputy chief Naim Qassem said the group was in a “new phase” in the conflict with Israel, as Israel ramped up its bombardment of towns in southern and eastern Lebanon on Monday.

Israel's use of tech warfare
A history of violence: Israel's targeted assassinations
How Israel's occupation is powered by big tech, AI, and spyware
Israel's Pegasus spyware: Tested in Palestine, sold to the world

How did the attacks happen?

While Israel’s sabotage of thousands of Hezbollah communication devices marks a new stage in the escalation between both parties, analysts say it also sets a worrying new precedent for similar attacks in future conflicts.

Some early speculation suggested that the pagers could have been targeted by a complex hack that caused them to explode, but that theory was quickly dismissed by experts.

Other analysts believed that the pagers may have been compromised during the supply chain and rigged to detonate remotely.

It turns out the process reportedly involved Taiwan’s Gold Apollo and Hungary-based B.A.C. Consulting, which was later revealed by The New York Times to be set up as a front for Israeli intelligence. According to three Israeli officials, shell companies were used to conceal the true producers of the pagers: Israeli intelligence.

Evidence suggests that Hezbollah received these back in February. The devices exploded upon receiving a specific command, marking the attack as both a cyber and kinetic strike.

“It’s unlikely that the manufacturers themselves were compromised since they wouldn’t have any control over who was getting which pager or walkie-talkie,” Patrick Lin, professor and director of the Ethics + Emerging Sciences Group at California Polytechnic State University, told °źÂț”ș.

Hezbollah's tampered pagers were linked to a wireless paging network that relied on radio frequency (RF) technology. This system allowed coded signals to be transmitted from a central device to pagers, which could only receive and decode these RF signals.

To initiate the process, the sender would input an alphanumeric message into a control device, known as a transmitter or paging terminal. This message was then transformed into an RF signal, which was sent to a network of transmission towers. These towers relayed the signal to pagers within their broadcast range.

Once pagers were powered on, their internal antennas would capture the RF signal and pass it to onboard radio receivers. These receivers, in turn, forwarded the encoded message to internal processors that decoded the signal and displayed the original alphanumeric message.

If the pagers were set up to receive the specific signal, they would alert the user through a beep, vibration, or by showing the message on the display.

Israel's attacks have implications for the future of weaponising warfare. [Getty]

Supply chain sabotage

Israel’s reported ties to the Hungarian company suggest that the devices were compromised during manufacturing, with Israeli agencies planting explosives in them before shipping them to Hezbollah.

Such third-party vendors can often obscure the device's origins, making it easier for malicious actors to infiltrate the supply chain without detection.

The communication devices could then be detonated remotely or through a signal transmitted via the RF network, making the pagers function as remote-controlled bombs.

For now, analysts believe that tech companies will try to reassure consumers and tighten their procedures. Still, the risk for larger companies is smaller, given their own regulations and stringent oversight of manufacturing.  

“Supply chain risk will now be at the centre of interest when it comes to electronic devices and technologies. But the risk to processes of big and established vendors is much smaller than in the case of niche or those modest ones,” Lukasz Olejnik, an independent researcher and consultant in cybersecurity and privacy, told °źÂț”ș.

“Still, some processes will be reassessed for sure. And fast,” Olejnik added.

Naturally, given the shock of the attacks, there are fears about whether this could impact other everyday devices like smartphones, which can be used to target their holders.

“Smartphone manufacturers and their suppliers tend to be much more sophisticated and secured operations, compared to manufacturers of pagers and walkie-talkies, though all it takes is one weak link for an entire supply chain to be compromised,” said Patrick Lin.

Given the limited space to hide even a small explosive device within smartphones, there isn’t a similar risk, he added.

Analysis
Live Story

Future implications

As for Lebanon, given the shock of these surprise explosions, there is a sense of panic over whether further Israeli attacks could target other devices next.

Observers say that is largely by design by Israel, to trigger a sense of terror across Lebanese society that Israeli attacks could occur anywhere and at any time.

“If we start to see similar attacks with laptop computers, such as by inserting an exploding USB drive that can be triggered by a radio signal, that would be a good reason for the world to be concerned about their everyday devices,” said Lin.

He also argued that this may have implications for the future of weaponising warfare.

“Coordination and communication are essential in armed conflicts. The pager and walkie-talkie attacks could be a prelude to a new military action or campaign,” said Lin.

“This is similar to Russia’s hacking of satellite-internet services in Ukraine, just one hour before it invaded - to cut off communications in Ukraine, create chaos, and prevent an effective, coordinated response.”

Israel’s attacks in Lebanon show the devastating potential of turning everyday communication devices into weapons, while also highlighting supply chain vulnerability when technology is sourced from multiple international providers without strict oversight.

Even if larger tech companies and some everyday devices like smartphones may be more secure, the attacks add a new dynamic to the evolution of modern conflicts.

“Not only does it raise questions about the vulnerability of external supply chains across all items, especially (digitally) connected electronics, but it also potentially ‘normalises’ supply chain attacks more generally,” said Robert Muggah.

“There is clear utility in this method - it causes disruption and panic. But it could also generate copycat effects. It is not just Hezbollah and Iran that will learn from this, but also the Taiwanese, Chinese, Ukrainians, Russians, and others.”

Jonathan Fenton-Harvey is a journalist and researcher who focuses on conflict, geopolitics, and humanitarian issues in the Middle East and North Africa.

Follow him on Twitter: