
Pager attacks signal new chapter in physical, cyber warfare

By ITWeb contributor
Johannesburg, 20 Sep 2024
The explosion of pagers and walkie-talkies in Lebanon will cause ripples in cyber warfare, espionage and physical warfare.

On Tuesday, 17 October, hundreds of pagers in Lebanon exploded simultaneously in a coordinated attack, targeting members of the political party and paramilitary group Hezbollah, which had in previous months ordered, shipped and distributed the pagers to some of its members.

A day later, a similar attack struck again when hundreds of walkie-talkies used by Hezbollah detonated.

It is alleged members of Hezbollah were using the low-tech pagers in the belief that they offer a more secure way to communicate than mobile phones, which could easily be intercepted by intelligence agencies using wiretapping or signal tracking.

The detonations killed at least 32 people and injured more than 3 000, causing harm to major Hezbollah figures and bystanders, including children.

Immediately, Hezbollah blamed Israel, which is engaged in a war with the group, its proxies and nation-state partners. Major news agencies have also pointed to Israel as the attacker.

Experts quickly noted that the explosions, many caught on camera, were significantly bigger than those a malfunctioning battery would cause, and sources speaking to major news outlets have since claimed the pagers contained explosives as well as supporting mechanisms, triggered when the pagers received a unique message from the attackers.

Regardless of who is responsible, the attack is a first. According to seasoned war correspondent and author Hamilton Wende: “This attack is unique in that so many people were physically harmed immediately in a cyber attack. I think the combination of a cyber attack and a military strike, if not unique, is certainly very unusual, and this is the largest one that’s ever happened. In some ways, it’s a mini 9-11. It's hard to know how it’s going to affect us.”

Supply chain attack

The attack combines three areas of warfare that, until now, have largely remained separated or operated in tandem but not as a single event: supply chain infiltration through a front company, cyber attacks and an open military strike.

Based on available information, the pagers originated from a company registered in Hungary called BAC Consulting KFT. In the past, Hezbollah bought pagers from Gold Apollo, a Taiwanese manufacturer, and the weaponised pagers also carried the Gold Apollo brand.

However, Gold Apollo denied involvement, stating that BAC Consulting KFT had licensed the rights to its trademarks through a relationship that started three years ago. BAC Consulting KFT has not responded to any requests for comment from media outlets.

The pagers appear to have been fitted with explosives and extra electronics to trigger the detonation, which was then remotely activated. Thus, the attack combined cyber attack, human intelligence and nation-state military strike capabilities by compromising a trusted supply chain.

Nation-state supply chain attacks are not unusual, especially in the cyber realm. In 2020, a hacker group backed by the Russian state injected backdoor code into SolarWinds IT management software widely used by US government agencies.

Earlier this year, hackers nearly succeeded in injecting backdoor code into major Linux distributions, a multi-year project that some experts have linked to nation-state groups.

Using front companies is not a new tactic either, with modern accounts going back to World War 1. Most recently, Swiss cryptography company Crypto AG was unmasked as a decades-long front for US and German intelligence, selling supposedly impenetrable cryptography devices to governments around the world that the spy services could access.

Escalation in cyber warfare

Still, even by these standards, the pager attack opens a new chapter, comparable to when alleged US and Israeli efforts sabotaged Iranian nuclear centrifuges in the late 2000s with a custom-designed virus called Stuxnet. Widely regarded as the first major nation-state cyber attack, the virus was physically injected into the isolated centrifuge systems, another example of combining cyber attacks with human espionage.

There are also examples of cyber warfare operating in tandem with military strikes. When Russia formally invaded Ukraine in 2022 after starting a proxy war in 2014, the invasion's physical bombardment was preceded by a vast cyber attack on Ukraine's internet infrastructure.

The pager attack, though, is more than an escalation. Stuxnet could still qualify as a covert “Cold War” sabotage effort, and Russia's aggression coordinated different attacks. Detonating hundreds of pagers merges cyber, spy and military disciplines into a single attack.

This merger will cause big ripples in cyber warfare, espionage and physical warfare. The collateral damage is also much bigger than any previous cyber attack, both to thousands of victims and to a pager manufacturer whose reputation and supply chain may have been irreparably compromised without its knowledge.

Speculating how this event will change warfare in the real and digital realms is tricky. However, it will have major and long-term repercussions, hence Wende’s comparison to the unconventional 9-11 attacks and their unpredictable consequences.

“The real danger will be when non-state actors start to use this technology for uncontrolled purposes. This is absolutely a new chapter in conflict,” says Wende.
