Lessons from exploding pagers in Lebanon: The West must protect its supply chains
Dozens of people have been killed and thousands injured after two days of explosions in Lebanon, which the Shiite militant group Hezbollah blamed on Israel last week. The attacks, using explosives planted in electronics, illustrate the vulnerability of technology supply chains. The biggest threat to Western countries comes from manufacturers in China, who place software on their devices that allows uncontrolled remote access.
The first wave of explosions occurred last Tuesday. Pagers used by Hezbollah received a message at 15:30 local time, similar to earlier messages from the organization's leadership. The devices didn’t explode immediately after receiving the message but with a slight delay. The beep and subsequent pause gave users time to raise the pagers or even bring them closer to their faces, explaining the numerous reports of hand and facial injuries among those affected.
A second wave of explosions occurred a day later, caused by explosives planted in radios. Fewer details about these have emerged, but they were likely rigged similarly to the pagers. Overall, the attacks left dozens dead (twelve estimated from pager explosions, twenty from walkie-talkies) and several thousand injured.
The modification of pagers and radios to trigger explosions took place at both the software and hardware levels. The devices were reprogrammed to respond to a specific message, and someone physically added several grams of explosives to them. This points to a highly sophisticated intelligence operation that planted altered electronics into Hezbollah's hands.
In the case of the pagers, strong similarities have been identified with the AR-924 model from Taiwanese manufacturer Gold Apollo, whose clients previously included intelligence and rescue services in Europe and the United States. However, Gold Apollo immediately denied producing the devices involved in the attacks. They were reportedly manufactured by a Hungarian partner, BAC Consulting, though Budapest officially denied this through a government spokesperson. According to the news portal Telex.hu, BAC Consulting acted as a middleman for deliveries to Hezbollah through Bulgarian firm Norta Global, but the trail ends there. It is very likely that none of these companies were involved in the production of the pagers and were instead used as “white horses” (front companies) in a covert intelligence operation.
Japanese radio manufacturer Icom, whose products resemble the exploded Hezbollah radios, supplied the Middle East from 2004 to 2014 but ceased production of the affected model (including batteries) over a decade ago. The devices in Lebanon lacked a "hologram warranty seal" used to identify counterfeit products. "For this reason, it is not possible to confirm or deny that the product originated from our company," Icom stated.
Whoever manufactured the pagers and walkie-talkies succeeded in getting them, along with explosives and modified software, into Hezbollah’s hands. Israeli intelligence must have known that the Shiite militant group was interested in purchasing thousands of new communication devices and infiltrated the supply chain. It is likely that Israel controlled the entire production and logistics process, including establishing a credible network of intermediaries. Israeli interception of encrypted communications between Hezbollah's receipt of the equipment and the explosions is also plausible. Hezbollah's leadership supported the acquisition of pagers and walkie-talkies, considering them more secure than mobile phones.
"This is the most extensive publicly known attack on a physical supply chain we’ve ever seen," said Dmitri Alperovitch of the Washington-based geopolitical think tank Silverado Policy Accelerator. "It’s clear that Israel gained valuable intelligence, using it to intercept and plant explosives in thousands of devices."
The explosions in Lebanon caused widespread distrust of electronics, triggering a wave of paranoia. Reports circulated of other devices exploding, such as solar power systems and fingerprint readers. Photos of damaged mobile phones were shared on social media. While some of these reports were debunked, they highlight the ease with which crowd hysteria spreads.
The attacks also hindered Hezbollah's secure communications, disrupting its command structure. A review of operational security is now required, straining Hezbollah's manpower in its fight against Israel. Hundreds or thousands of fighters have been injured, losing fingers or hands or suffering other debilitating injuries that render them temporarily unfit for combat. Moreover, travel restrictions have emerged, with Qatar Airways banning pagers and radios on its flights.
The explosions have helped to partially restore the reputation of Mossad, Israel’s intelligence agency, as a powerful entity. After its failure on October 7 last year, when Hamas launched a surprise attack on Israeli territory, Mossad has been determined to rebuild its image. The explosion of Hezbollah’s pagers and walkie-talkies followed a series of successful assassinations of senior Hamas (Ismail Haniyeh) and Hezbollah leaders (Saleh al-Arouri, Fuad Shukr, Radwan Ibrahim Aqil, Ahmad Mahmoud Wahbi).
From a Western perspective, the Lebanese explosions highlight the importance of securing supply chains. "Every board, every CEO, every government woke up today to the fact that the products we buy may be at risk," said Bindiya Vakil of Resilinc, a supply chain risk management firm. "We are seeing the supply chain being used as a weapon."
Many electronics manufacturers outsource the production of relatively inexpensive items like pagers, making it difficult to track the origin of each item. Companies often send their equipment designs to contract manufacturers who source components and assemble the final product. This multi-step process introduces the risk of counterfeiting or tampering with parts. Once a shipment arrives at a distribution center, "the controls that exist in the factory suddenly disappear," said Chris Clark of Todd Advisory. At this stage, there is an opportunity to "change batteries, replace parts, and insert whatever is wrong."
Relying on hardware and software from geopolitical adversaries increases these risks. Due to concerns over espionage and cyberattacks, Western governments have banned certain Chinese-made equipment in recent years, such as Huawei's 5G technology. A U.S. congressional investigation recently revealed the unauthorized installation of mobile modems in harbor cranes by Chinese company ZPMC. These modems could be used remotely to disrupt U.S. infrastructure.
Investigations into software and technical specifications have raised concerns about technology in Chinese vehicles. In-car cameras, microphones, and tracking devices can collect personal data or facilitate espionage. There is also the risk that vehicles could be remotely controlled and used for sabotage during a conflict, causing mass crashes or roadblocks.
"The incident in Lebanon is isolated, but it underscores the vulnerability the U.S. and its allies accept by using supply chains from problematic countries," explains Mark Montgomery of the Foundation for Defense of Democracies. "While placing explosives is an extreme case, it’s easy to imagine malicious hardware or software being inserted into products for later activation."
Opaque supply chains for everyday items will continue to tempt adversaries of Western nations, including the Czech Republic. However, a repeat of the Lebanese scenario may be unlikely. Although private companies and public officials are still evaluating the political impact of the attacks, the explosions could trigger a wave of restrictions on sensitive technology purchases from adversaries. It will also be necessary to encourage the return of industrial production to domestic or allied territories. This would reduce dependence on foreign producers and strengthen the security of supply chains for national civilian and military needs.