Hundreds of pagers carried by Hezbollah members in Lebanon exploded almost at the same time on Tuesday, marking an attack more significant than any recent covert assassinations or cyber-attacks in the region. The Iran-backed group stated that the devices began to explode around 3:30 p.m. local time in what they claimed was a targeted Israeli attack on their operatives.
Hezbollah blamed Israel for the attack, saying it was a joint effort between Israel’s intelligence agency, Mossad, and the Israeli military. The Lebanese government condemned the attack, calling it “criminal Israeli aggression.”
The pagers that exploded were newly purchased by Hezbollah, according to a Lebanese security source. A Taiwanese manufacturer confirmed that the pagers, marked with their company’s brand, were made by a European distributor.
Experts believe that the scale and nature of these explosions highlight Hezbollah’s vulnerability, as their communication network was compromised with deadly consequences.
Who was affected?
Footage showed shoppers and pedestrians collapsing in the street following the blasts. The blood-soaked injured bore flesh wounds, clips showed, including lost fingers, damaged eyes, and abdominal lacerations.The country had to decalre emergency across the nation asked public to remove battery from all of their devices pagers,walike-talkie,cellphones. This affect the whole communication system first of its kind around the world and even public needs to suspect their device first time in revolution of smart phones or devices.
How did the pagers explode? A Supply Chain Attack??
Israel carried out its operation against Hezbollah on Tuesday by hiding explosive material within a new batch of Taiwanese-made pagers imported into Lebanon, according to American and other officials briefed on the operation.
The pagers, which Hezbollah had ordered from Gold Apollo in Taiwan, had been tampered with before they reached Lebanon, according to some of the officials. Most were the company’s AR924 model, though three other Gold Apollo models were also included in the shipment.
The explosive material, as little as one to two ounces, was implanted next to the battery in each pager, two of the officials said. A switch was also embedded that could be triggered remotely to detonate the explosives.
At 3:30 p.m. in Lebanon, the pagers received a message that appeared as though it was coming from Hezbollah’s leadership, two of the officials said. Instead, the message activated the explosives. Lebanon’s health minister told state media at least 11 people were killed and more than 2,700 injured.
The devices were programmed to beep for several seconds before exploding, according to three of the officials.
Independent cybersecurity experts who have studied footage of the attacks said it was clear that the strength and speed of the explosions were caused by a type of explosive material.
“These pagers were likely modified in some way to cause these types of explosions — the size and strength of the explosion indicates it was not just the battery,” said Mikko Hypponen, a research specialist at the software company WithSecure and a cybercrime adviser to Europol.
Keren Elazari, an Israeli cybersecurity analyst and researcher at Tel Aviv University, said the attacks had targeted Hezbollah where they were most vulnerable. “This attack hit them in their Achilles’ heel because they took out a central means of communication,” Ms. Elazari said.
David Kennedy, a former US National Security Agency intelligence analyst, told “This is one of the most widescale and coordinated attacks that I’ve personally ever seen.The complexity needed to pull this off is incredible,” he said.
“It would have required many different intelligence components and execution. Human intelligence (HUMINT) would be the main method used to pull this off, along with intercepting the supply chain in order to make modifications to the pagers.”
Could a cyberattack trigger off-the-shelf pagers to explode?
Lithium-ion batteries can explode if they’re short-circuited. When this happens, the battery releases gas and heats up — potentially to well over a thousand degrees. This process is called thermal runaway. When the gas reaches a certain pressure in the battery, it explodes.
Some Hezbollah members reportedly felt their pagers heat up before they exploded.
However, battery experts say that it’s very unlikely the pagers could have been triggered to explode with only a wireless signal — and that the descriptions and video of the attack is inconsistent with battery explosions.
Phones constantly send signals to nearby cell towers to register their location, enabling calls to be properly routed. Eavesdroppers can intercept these pings to determine their location.
Experts said it’s difficult to discern the exact security benefits the pagers provide without knowing the specific models. Many pagers only listen for incoming signals and do not send them. This makes tracking harder.
But given the strength of the explosions and how consistent and coordinated they were across thousands of devices, electrical engineering and battery experts said the attack likely required modifying the pagers.
It’s possible to remotely deactivate the software that coordinates a safe charging. But because the exploding pagers were worn by Hezbollah members, and not being charged, this mode of failure is unlikely.
To trigger an overheating failure, the pagers would have to reach at least 140 degrees, said Scott Moura, an engineering professor at UC Berkeley who studies battery safety. But modern consumer electronics are designed to prevent overheating, so there would likely be no simple software that could achieve these temperatures.
To achieve a battery explosion, Moura said, “I think it would be much easier to physically modify it.”
What is the purpose of the attacks?
At least part of the message to Hezbollah is clear: “We can reach you anywhere, anytime, at the day and moment of our choosing and we can do it at the press of a button,”
The operation was also likely designed to create a high-level of paranoia among Hezbollah members, degrade their ability to recruit people, and erode confidence in the leadership of Hezbollah and their ability to secure their operations and people.
Amos Yadlin, a former head of Israeli military intelligence and one of the country’s leading strategic experts, said the Israeli attack displayed “very impressive penetration capabilities, technology and intelligence.”
Israel has been linked to, or accused of, previous remote attacks in the region. Experts believe Israel and the United States were responsible for deploying a complex computer virus called stuxnet that destroyed centrifuges at an Iranian nuclear facility in 2009 and 2010.
In 2020, an Iranian nuclear scientist was assassinated in Tehran by a remote-controlled machine gun operating out of a car that was reportedly using facial recognition. This year, Hamas leader Ismail Haniyeh was killed with an explosive device covertly hidden in the guest house where he was staying in the Iranian capital,
Israeli intelligence forces have previously placed explosives in personal phones to target enemies, according to the 2018 book “Rise and Kill First”. Hackers have also demonstrated the ability to inject malicious code into personal devices, causing them to overheat and explode in some instances.
