3rd Party Risk Management , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime
Exploding Hezbollah Pagers Not Likely a Cybersecurity Attack
Cybersecurity Experts Say Operatives Probably Intercepted Physical Supply ChainIt doesn't appear to be a cyberattack, security experts said of the hundreds of pagers that blew up Tuesday afternoon across Lebanon, an apparent salvo against Hezbollah militants by the Israeli government.
At least eight people have been killed and more than 2,700 injured, according to multiple media reports. Videos posted on social media show explosions on the bodies of individuals who fall to the ground; other videos show injured people in Beirut streets.
The Lebanese government attributed the attacks to "Israeli aggression" and called them a violation of sovereignty. CNN reported that Hezbollah released a statement holding "the Israeli enemy fully responsible for this criminal attack" and vowing retribution. The Israeli military has not commented.
"We are gathering information on this incident. I can tell you that the U.S. was not involved in it. The U.S. was not aware of this incident in advance," U.S. Department of State spokesperson Matthew Miller said during an afternoon press conference.
Tensions between Israel and Hezbollah militants along the Israeli northern border with Lebanon have spiked amid ongoing war in the Gaza Strip sparked by Hamas' violent incursion into Israel on Oct. 7, 2023.
An emerging consensus among cybersecurity experts is that operatives probably intercepted the pager supply chain to rig the devices with plastic explosives. Members of Hezbollah reportedly have increased their use of pagers as an operational security measure to decrease the likelihood of being tracked. "This phone is in our hands. What is in your hand? I do not have a phone in my hand," Hezbollah top leader Hassan Nasrallah reputedly said in February when advising fighters to throw away their smartphones.
Reuters reported that the pagers were all bought by Hezbollah in recent months. A Hezbollah official told The Wall Street Journal that some apparent targets felt the pagers heat up and disposed of them before they exploded. The official speculated that malware could be the cause, but cybersecurity experts said it's unlikely.
"Perhaps one of the most extensive physical supply chain attacks in history," said Dimitri Alperovitch, co-founder of cybersecurity company CrowdStrike and of think tank Silverado Policy Accelerator.
Bogdan Botezatu, director of threat research and reporting at Bitdefender, in an emailed statement told Information Security Media Group that "the only logical explanation is that explosives and a side channel for detonation was likely used."
Computing devices that contain lithium ion batteries have burst into flames and exploded, but "none of the pagers that we were able to find on the market ship with built-in batteries. None of them are recommended to work with Li-Ion batteries," Botezatu said. The battery packs appear to use typical size AAA or AA batteries, he added.
The BBC quoted a former British Army munitions expert who said operatives likely packed the pagers with between 10 and 20 grams of high-grade explosives hidden inside a fake electronic component. Less than 1% of the exploding pagers at last count have proven fatal.*
*Updated Sept. 17, 2024 20:26 UTC: Adds additional reporting.