Deadly device explosions in Lebanon mean supply chain may have been compromised

The detonation of hundreds of electronic devices used by members of Hezbollah is the result ofpotentially a years longintelligence operation that likely required the infiltrationof the manufacturing supply chain and access to the pagers, security experts say.

"Tactically and operationally along with the level of sophistication, tradescraftand professionalism involved it's unbelievable," said Assaf Orion,a retired Israeli brigadier general and defence strategist.

On Tuesday, at least 12 people were killed, including two children, withsome 2,800 people wounded whenhundreds of pagers used by Hezbollah members began detonating wherever they happened to be in homes, cars, at grocery stores and in cafes.The following day, in a second wave of attacks, at least 20people were killed and 450 were wounded when walkie-talkies and solar equipment used by Hezbollah exploded in Beirut and multiple parts ofLebanon.

Although Israel has neither confirmed or denied its involvement, its widely believedthat intelligence officials from the country were responsible for the attacks.

WATCH | How were devices used by Hezbollah made to explode?

How did attackers turn Hezbollah's devices into bombs?

8 days ago

Duration 2:42

After a second wave of deadly explosions in Lebanon, experts are now analyzing how attackers were able to penetrate Hezbollahs security to rig thousands of pagers and other devices with explosives.

Explosives hidden in pagers

In the first wave of bombings, it appeared that small amounts of explosives had been hidden inthousands of pagers used byHezbollah, which were thenremotely detonated.That has led securityexperts to speculate that intelligence officialswere able to compromise the supply chain and gain access to the pagers.

In the world of electronics and computers, there are a lot of players involved in the supply chain, according to Oleg Brodt,head of R&Dand Innovation for the Cybersecurity Research Center at Ben-Gurion University in Israel. Those would include the hardware manufacturers,software manufacturers anddifferent parts coming from different places.

"You have the batterycoming from one factory, you have the chipset coming from another and the other chips and the modems come in from elsewhere," Brodt said.

Eventually, he said,everything is being assembled at the final factory, which may alsomanufacturesome of the components of the device.

"We can lookat every stage of the chain and thinkabout who can get compromised."

But experts suggest it's difficult to determine where exactly the supply chain was compromised as there are a number of potential points of entry.

"It depends on the capability of the actor,"Brodt said, noting that if theygainedaccess to the battery factory, for example,they could, theoretically,replace thebatteries withones containing explosives.

"It really depends on the channels that those actors already have to some parts of the supply chain."

But at some point in the chain,he said, intelligence officials would needto compromise itina way that would allow themto insert an explosive material into the device along with some sort of software that would act as the trigger.

WATCH | Lebanon shaken by second wave of device explosions:

Second wave of deadly device explosions across Lebanon

8 days ago

Duration 2:18

Authorities in Lebanon say at least 20 people were killed and hundreds injured in a second wave of device explosions, including at funerals for three Hezbollah members and a child killed by exploding pagers on Tuesday.

Software could be preprogrammed

The softwarecould be something preprogrammed before it gets to the user,saidJosep Jornet,a professor of electrical and computer engineering at Northeastern University and the associate director of the school'sInstitute for the Wireless Internet of Things.

He said it could also be "software that was not preprogrammed for a specific time, but it was preprogrammed to react to a specific message" sent by thosewho have compromised the supply chain and installed the explosives.

Jornet cited media reports thateveryone received the same type of what appeared to be a random message around the same time but probably containedsome code or the right code word to trigger the explosion.

Elijah J. Magnier, a Brussels-based military andsenior political risk analyst, told The Associated Press thathe believes theblastsappeared to be triggered byan error message sent to all the devices that caused them to vibrate, forcing the user to clickthe buttons to stop the vibration

Magniernoted thathe's had conversations with members of Hezbollah and survivors of the attack who suspect the explosive materialsinvolved may have beenRDX or PETN, highly explosive substancesthat can cause significant damage with as little as three to fivegrams.

Operation may have taken years

Emily Harding, director of the intelligence, national security and technology program at the Washington-basedCenter For Strategic & International Studies, said the critical piece of intelligencewas knowing that Hezbollah was looking to upgrade all their communications and planned to move to pagers.

"And when you get that, as an intelligence officer, you have opportunity," she said.

LISTEN | Militarytech journalist on the 'sophistication' of device explosions:

As It Happens7:20Hezbollah device explosions an enormously sophisticated attack, says war tech journalist

Israel has not commented on a wave of attacks this week in Lebanon in which electronic devices belonging to Hezbollah members suddenly exploded, killing dozens and injuring thousands, including children and civilians. David Hambling, a British journalist who covers military technology, says the sophisticated attacks could have only been carried out by a national government with the time, money and expertise to infiltrate the paramilitary group's supply chain. He spoke to As It Happens host Nil Kksal.

The next step is finding out whereHezbollah was looking to acquiresuch devices and whether there was an opportunity to "get in front of them, and point them towarda particular company or particular pager that wouldbe easier to manipulate,"she said.

Harding said the operation also could have involved creating a front company from scratch to take part in the supply chain process, meaning the operation could have taken a long period of time.

"An organization like Hezbollah, you would think was going to do a lot of due diligence on that company, so they have to look real," she said, adding that thisoperation was "sophisticated and really traumatic."

"It's the kind of thing that takes years to put together."