On Tuesday afternoon, thousands of pagers exploded, killing at least 12 members of the Lebanese group Hezbollah and injuring more than 3,000 others. Telecommunications and technology experts remain astonished and speculate on how this unprecedented operation was put together: “It’s a huge, barbaric operation,” says David Marugán, a consultant specializing in security and radio communications.
EL PAÍS has consulted another half dozen experts who prefer not to give their names because the combination of explosives, technology and traditional espionage makes it extremely difficult to have a complete understanding of how it could have happened. They all agree, however, that it is something never seen before on this scale: something so complex made simple.
1. Why it is unprecedented
The Mossad, Israel’s foreign intelligence agency, which is also the main suspect in this case, does have a history of placing explosives in devices such as landlines and cell phones. In 1996, a Hamas commander, Yehie Ayash, was killed after his tampered cell phone exploded.
In 2010, Iran discovered the Stuxnet worm, which had managed to destroy about a thousand centrifuges in its project to create nuclear weapons. Although it has never been officially acknowledged, the governments of Israel and the United States were behind it. An engineer at the facility introduced the virus into the plant, which was not connected to the Internet, using a pendrive. In that case, they exploited vulnerabilities in the software that controlled the devices, but no one had to tinker with thousands of pieces of hardware, beyond the insertion of the pendrive.
The Lebanese multi-pronged attack combines both precedents. Never before has a simultaneous physical attack been achieved on this scale and against so many devices.
2. How they managed to modify the pagers
This is the key question and here we enter the realm of pure speculation. It is only known that the pagers were models from a Taiwanese company, Gold Apollo, produced and sold by another, Hungarian company called BAC. Israel has obviously not even said whether it was the perpetrator, much less explained how it was done. Such actions often remain in the shadows of speculation, not officially confirmed for years.
The hypothesis that it was an overheated battery hacked remotely was quickly dismissed: the type of explosion, its force and the simultaneity of the detonations do not fit with the hypothesis of an overheated battery.
So the success of the operation depended on the combination of inserting explosives and modifying the firmware of the pager (the software pre-installed at the factory) in order to generate the explosion. This cannot be done without physical access to the devices. If this is the case, the key is to find out how they gained access to the pagers in order to modify them.
According to the AP agency, Taiwan’s Ministry of Economic Affairs said Gold Apollo exported more than 40,000 pagers between January and August. Customers were mostly European and American countries, and it has no records of direct exports to Lebanon.
As we hear about the pagers in Lebanon that injured more than 2,700 people today, a reminder that one of the things that came out of the @Snowden leaks is that the NSA intercepts packages en route to customers to install malware and surveillance devices. https://t.co/ECuHCVPNNj
— Matthew Keys (@MatthewKeysLive) September 17, 2024
Theories about where this hypothetical and mysterious supply chain interception could have taken place are endless. One simple option is that Israel allegedly purchased other devices, modified them at its facilities by installing explosives and new firmware via cable, and swapped them in transit: some boxes for others and that’s it. Another possible method is that it accessed the merchandise and made those same modifications on the spot, for example, on the ship. That is a much riskier operation and requires more accomplices. But if the explosives and the firmware were prepared in advance, it is possible to carry out the modification in minutes, so it is plausible to imagine a group of agents or soldiers doing it in a few hours in a semi-secret location, without anyone suspecting serious delays or detecting that the devices had been manipulated.
This interception process (also called interdiction) is not so unique or extraordinary. In 2014 it became known that the US National Security Agency intercepted Cisco routers to selectively modify them and gain access to their communications. The difference in this case is one of scale and that the objective was to blow the devices up, not to keep them in place for years to listen in.
3. Why didn’t they get more information from the devices?
If the authors of the modifications altered the firmware, they could have used the devices to map out a network of Hezbollah members or any other imaginable target. Pagers don’t have the same capabilities as a cell phone, but if they are modified they can be made to talk more than usual.
They could also wait for a more obvious conflict to occur in order to eliminate their rivals. According to some videos, the pagers went off after receiving a message that could have been the activation of the explosive.
Beyond the terrible damage, it remains unclear why they were detonated at this time. One hypothesis that seems to have been confirmed is that so many modified pagers were a potential risk. Any malfunction would have exposed the operation. According to these sources, the aim was to activate the operation just before a military attack.
4. Why Hezbollah used pagers and not cell phones
They wanted to prevent Israel’s technological superiority from giving it further advantages over the group: where its members are, who they communicate with, even what they say.
In February, Hezbollah leader Hassan Nasrallah said: “The phone that you have in your hands, in the hands of your wives and in the hands of your children, is an agent. It is a deadly agent, not a simple one. It is a deadly agent that provides specific and precise information.” The failure to foresee that a much more basic pager could be more “deadly” is a potential victory for Israel.
This, of course, does not mean that a mobile phone can simply be made to explode remotely. Again, it would have to be modified beforehand, and it is a much more sophisticated device; purchases of such devices are also not usually made in bulk as in this case.
Beyond this case, and with all that it implies, Israel retains the feeling that nothing is beyond its technological tentacles and that it is always one step ahead in espionage or lethal actions with a technical component.