Explosive Pagers and Supply Chain Attacks
Tyler Olson talks about supply chain attacks and takes a recent example of explosive pagers that take the importance of supply chain auditing to the next level.
# Introduction
Attacks are advancing, and the threat of nation-state actors has become more and more prevalent in different nations. I recently came across the news of one of the largest supply chain attacks I've seen in a long time. Let's take a look at what happened, why it happened (speculation), and how it could have been prevented.
# What happened?
On 9/17/2024 at 3:30pm, thousands of pagers that were issued to the Hezbollah militant group exploded at the exact same time, causing injuries to at least 2,800 people. No official claim to the attack was made. Major media outlets claim that Israel was responsible for this attack; this comes in line with increased attacks on the organization from Israel.
# Why did this happen?
Until a formal investigation can take place, the following evaluation is speculation based on information seen online:
When looking at a video posted on social media, the type of explosion that we see is not like lithium-ion battery explosions (video example), where batteries that are punctured flame up and don't exactly cause the classic "explosion" that you usually see due to faulty batteries. The large explosion and the lack of a slow burn appear to show that these pagers had been tampered with, more than likely with small explosives inside the pager set to a time or a signal.
Placing an explosive inside a pager given to a militant group is a feat of supply chain attack. Israel had managed to get its hands on the pagers from a European distributor with an agreement with Gold Apollo (sourced from a statement from Gold Apollo) prior to their arriving in the hands of Hezbollah, and damaged them, planting the explosives that caused this mess.
From reporting in multiple news sources (CNN), Gold Apollo confirmed in a statement that BAC Consulting was the contracted distributor that the pagers were purchased from. As soon as this news broke, the website for BAC was quickly and quietly removed from the web, returning a 403 status code. Normally I would shove an archive.org link here, but recent attacks on the network caused issues while writing this.
In total, it appears 2 other shell companies similar to BAC Consulting were observed to be operated by foreign intelligence services. I highly recommend reading the article, as it dives deep into the processes that were undertaken to carry out this operation.
Take a look at some images:

https://twitter.com/sentdefender/status/1836062479069098286/photo/3
According to Lebanese security officials, the explosives used in these pagers were advanced enough to bypass checks like X-rays and others. They were virtually undetectable by all current means of detection.
# How to prevent supply chain attacks
The process for preventing supply chain attacks is clear: because a device can be tampered with at any point in the process, those who handle devices or ship our product need to be screened, examined and audited to ensure that the devices aren't, for example, carrying explosives in them.
To see current prevention tactics, let's take a look at something I've already talked about: Apple's Private Cloud Compute. I know that the specifics Apple provided appear crazy: taking high-resolution photographs of every server to verify that components were not modified in transport, along with intense modeling and security standards that reduce the attack surface for supply chain attacks. But modification here would have been apparent if these security measures had been undertaken.
Companies should also be cautious about selling their brand name out to other companies, as that caused a disaster for Gold Apollo in this specific case. Proper auditing of the companies that you do business with will hopefully reduce fake companies that intend to do harm to your brand as well as others. The National Institute of Standards and Technology released Best Practices in Cyber Supply Chain Risk Management, which is a great resource for those in risk management at their companies to ensure that the risk of supply chain attacks is reduced. Knowing your entire attack surface greatly assists in this.
# Conclusion
The word cybersecurity sometimes doesn't apply to just the cyber world. Protecting our supply chains is just as important as protecting the data we have online. If our supply chain is attacked, the data we hold so dear and try to protect with software is hard to protect when the hardware itself is designed to be hacked.
# Want to look into this more?
Cloudflare: https://www.cloudflare.com/learning/security/what-is-a-supply-chain-attack/
Crowdstrike: https://www.crowdstrike.com/cybersecurity-101/cyberattacks/supply-chain-attacks/
More Articles: https://www.cnn.com/2024/09/27/middleeast/israel-pager-attack-hezbollah-lebanon-invs-intl/index.html