Deadly bomb explosions in Lebanon mean supply chain may be at risk

The detonation of hundreds of electronic devices used by Hezbollah members is the result of what may have been a years-long intelligence operation that likely required infiltration of the manufacturing supply chain and access to the pagers, security experts say.

“Tactically and operationally … along with the level of sophistication, craftsmanship and professionalism that is being used here – it is incredible,” said Assaf Orion, a retired Israeli brigadier general and defense strategist.

On Tuesday, at least 12 people were killed, including two children, and about 2,800 people were injured when hundreds of Hezbollah members’ pagers exploded wherever they were – in homes, cars, grocery stores and cafes. The following day, a second wave of attacks killed at least 20 people and injured 450 when walkie-talkies and solar panels used by Hezbollah exploded in Beirut and several locations in Lebanon.

Although Israel has neither confirmed nor denied its involvement, it is widely believed that the country’s intelligence officials were responsible for the attacks.

Explosives hidden in pagers

During the first wave of attacks, it was discovered that thousands of Hezbollah pagers contained small amounts of explosives that were then detonated remotely. Security experts therefore speculate that intelligence agents penetrated the supply chain and thus gained access to the pagers.

In the world of electronics and computers, there are many players involved in the supply chain, according to Oleg Brodt, head of research, development and innovation at the Cybersecurity Research Center at Ben-Gurion University in Israel. This includes hardware manufacturers, software manufacturers and different parts coming from different places.

“The battery comes from one factory, the chipset from another, and the other chips and modems come from somewhere else,” Brodt said.

Eventually, everything will be assembled in the final factory, where some of the device’s components may also be manufactured, he said.

“We can look at each level of the chain and think about who could be compromised.”

However, experts say it is difficult to determine exactly where in the supply chain it was compromised because there are a number of potential entry points.

“It depends on the capabilities of the actor,” Brodt said, pointing out that if he gained access to the battery factory, for example, he could theoretically replace the batteries with ones containing explosives.

“It really depends on the channels that these players already have to some parts of the supply chain.”

But at some point in the chain, he said, intelligence agents would have to manipulate the device so that they could insert explosives and some kind of software that acts as a trigger into the device.

WATCH | Lebanon rocked by second wave of bomb blasts:

20 dead and hundreds injured in Lebanon in new wave of bomb explosions

Lebanese authorities said at least 20 people were killed and 450 injured on Wednesday after more walkie-talkies and other electronic devices exploded. Such explosions included those at the funeral of three Hezbollah members and a child who was killed by exploding pagers on Tuesday.

Software could be pre-programmed

The software could already be pre-programmed before it reaches the user, says Josep Jornet, professor of electrical and computer engineering at Northeastern University and deputy director of the University’s Institute for the Wireless Internet of Things.

He said it could also be “software that was not pre-programmed to run at a specific time, but to respond to a specific message” sent by those who compromised the supply chain and installed the explosive devices.

Jornet cited media reports that everyone received the same type of seemingly random message at about the same time, but which probably contained a code or the correct code word to trigger the explosion.

Elijah J. Magnier, a Brussels-based military and political risk analyst, told The Associated Press he believed the explosions appeared to have been triggered by an error message sent to all devices that caused them to vibrate. The user then had to click buttons to stop the vibration.

Magnier mentioned that he had spoken to Hezbollah members and survivors of the attack who suspected that the explosives could have been RDX or PETN, highly explosive substances that can cause significant damage in quantities of just three to five grams.

Operation could have taken years

Emily Harding, director of the intelligence, national security and technology program at the Center for Strategic & International Studies in Washington, said the crucial intelligence report provided information that Hezbollah wanted to modernize all its communications technology and switch to pagers.

“And if you can achieve that as an intelligence officer, you have a chance,” she said.

The next step would be to find out where Hezbollah was looking for such devices and whether there was a way to “get ahead of them and alert them to a particular company or pager that would be easier to tamper with,” she said.

Harding said the operation could also have involved the creation of an entirely new front company to participate in the supply chain process, meaning the operation could have taken a very long time.

“You would think that an organization like Hezbollah would look very closely at this operation, so it must appear legitimate,” she said, adding that the operation was “sophisticated and really traumatic.”

“It’s the kind of thing that takes years to put together.”