Deadly device explosions in Lebanon mean supply chain may have been compromised

The detonation of hundreds of electronic devices used by members of Hezbollah is the result of a potentially years long intelligence operation that likely required the infiltration of the manufacturing supply chain and access to the pagers, security experts say.

More than 30 killed, thousands wounded over 2 days after devices used by Hezbollah were detonated

Mark Gollom · CBC News · Posted: Sep 19, 2024 4:00 AM EDT | Last Updated: September 19

Remains of an exploded pager on display on a surface. — The remains of pagers are seen following the explosion of devices used by Hezbollah earlier this week in Lebanon. More than 30 were killed and thousands were injured in the blasts, which the Iran-backed militant group blamed on Israel. (AFP/Getty Images)

The detonation of hundreds of electronic devices used by members of Hezbollah is the result of potentially a years long intelligence operation that likely required the infiltration of the manufacturing supply chain and access to the pagers, security experts say.

"Tactically and operationally … along with the level of sophistication, tradescraft and professionalism involved — it's unbelievable," said Assaf Orion, a retired Israeli brigadier general and defence strategist.

On Tuesday, at least 12 people were killed, including two children, with some 2,800 people wounded when hundreds of pagers used by Hezbollah members began detonating wherever they happened to be — in homes, cars, at grocery stores and in cafes. The following day, in a second wave of attacks, at least 20 people were killed and 450 were wounded when walkie-talkies and solar equipment used by Hezbollah exploded in Beirut and multiple parts of Lebanon.

Although Israel has neither confirmed or denied its involvement, its widely believed that intelligence officials from the country were responsible for the attacks.

WATCH | How were devices used by Hezbollah made to explode?

How did attackers turn Hezbollah's devices into bombs?

2 months ago

2:42

After a second wave of deadly explosions in Lebanon, experts are now analyzing how attackers were able to penetrate Hezbollah’s security to rig thousands of pagers and other devices with explosives.

Explosives hidden in pagers

In the first wave of bombings, it appeared that small amounts of explosives had been hidden in thousands of pagers used by Hezbollah, which were then remotely detonated. That has led security experts to speculate that intelligence officials were able to compromise the supply chain and gain access to the pagers.

In the world of electronics and computers, there are a lot of players involved in the supply chain, according to Oleg Brodt, head of R&D and Innovation for the Cybersecurity Research Center at Ben-Gurion University in Israel. Those would include the hardware manufacturers, software manufacturers and different parts coming from different places.

20 dead, hundreds wounded after another wave of explosions in Lebanon

Analysis
By bruising and humiliating Hezbollah, is Israel playing 'Middle East roulette?'

"You have the battery coming from one factory, you have the chipset coming from another and the other chips and the modems come in from elsewhere," Brodt said.

Eventually, he said, everything is being assembled at the final factory, which may also manufacture some of the components of the device.

"We can look at every stage of the chain and think about who can get compromised."

An ambulance drives through the streets of Beirut Wednesday after multiple explosions were heard during the funeral of four Hezbollah fighters killed earlier in the week after their pagers exploded. (Bilal Hussein/The Associated Press)

But experts suggest it's difficult to determine where exactly the supply chain was compromised as there are a number of potential points of entry.

"It depends on the capability of the actor," Brodt said, noting that if they gained access to the battery factory, for example, they could, theoretically, replace the batteries with ones containing explosives.

"It really depends on the channels that those actors already have to some parts of the supply chain."

But at some point in the chain, he said, intelligence officials would need to compromise it in a way that would allow them to insert an explosive material into the device along with some sort of software that would act as the trigger.

WATCH | Lebanon shaken by second wave of device explosions:

Second wave of deadly device explosions across Lebanon

2 months ago

2:18

Authorities in Lebanon say at least 20 people were killed and hundreds injured in a second wave of device explosions, including at funerals for three Hezbollah members and a child killed by exploding pagers on Tuesday.

Software could be preprogrammed

The software could be something preprogrammed before it gets to the user, said Josep Jornet, a professor of electrical and computer engineering at Northeastern University and the associate director of the school's Institute for the Wireless Internet of Things.

He said it could also be "software that was not preprogrammed for a specific time, but it was preprogrammed to react to a specific message" sent by those who have compromised the supply chain and installed the explosives.

Jornet cited media reports that everyone received the same type of what appeared to be a random message around the same time but probably contained some code or the right code word to trigger the explosion.

Hezbollah vows retaliation against Israel after deadly pager blasts wound thousands in Lebanon

Taiwan's Gold Apollo says it did not make pagers used in deadly Lebanon blasts

Elijah J. Magnier, a Brussels-based military and senior political risk analyst, told The Associated Press that he believes the blasts appeared to be triggered by an error message sent to all the devices that caused them to vibrate, forcing the user to click the buttons to stop the vibration

Magnier noted that he's had conversations with members of Hezbollah and survivors of the attack who suspect the explosive materials involved may have been RDX or PETN, highly explosive substances that can cause significant damage with as little as three to five grams.

Operation may have taken years

Emily Harding, director of the intelligence, national security and technology program at the Washington-based Center For Strategic & International Studies, said the critical piece of intelligence was knowing that Hezbollah was looking to upgrade all their communications and planned to move to pagers.

"And when you get that, as an intelligence officer, you have opportunity," she said.

LISTEN | Military tech journalist on the 'sophistication' of device explosions:

As It Happens7:20Hezbollah device explosions an ‘enormously sophisticated’ attack, says war tech journalist

Israel has not commented on a wave of attacks this week in Lebanon in which electronic devices belonging to Hezbollah members suddenly exploded, killing dozens and injuring thousands, including children and civilians. David Hambling, a British journalist who covers military technology, says the sophisticated attacks could have only been carried out by a national government with the time, money and expertise to infiltrate the paramilitary group's supply chain. He spoke to As It Happens host Nil Köksal.

The next step is finding out where Hezbollah was looking to acquire such devices and whether there was an opportunity to "get in front of them, and point them toward a particular company or particular pager that would be easier to manipulate," she said.

Harding said the operation also could have involved creating a front company from scratch to take part in the supply chain process, meaning the operation could have taken a long period of time.

Who even uses pagers these days?

"An organization like Hezbollah, you would think was going to do a lot of due diligence on that company, so they have to look real," she said, adding that this operation was "sophisticated and really traumatic."

"It's the kind of thing that takes years to put together."