I'm going to kick off this new life posting on social media (don't really expect me to be here more than once a week) by speaking briefly about the absolutely horrifying attacks carried out in Lebanon. For those of you that are not aware, yesterday and today devices all over Lebanon started exploding. Yesterday around 3000 pagers, which were used by Hezbollah and affiliates for communications, began spontaneously exploding, killing and wounding hundreds, including children and random bystanders. Today the same thing occurred with an unknown number, assumed to be a couple thousand, of handheld radios, which also exploded.
A number of questions should arise for us at this moment: the implications of this for future conflict, the fact that a mass war crime was just committed, the fear this creates for anyone that crosses a state and uses electronics. But, before getting into all that, we need to talk about how this would have had to be done.
A Thread:
-
From what we know of the attacks, the pagers that were targeted were a part of a shipment of 3000 pagers purchased by Hezbollah for distribution to members and affiliates. The pagers that were ordered were branded Gold Apollo, mostly model AR924, with a smattering of others. The order was processed through a Hungarian company called BAC Consulting, who was licensed to produce the pagers in Europe. That company, in turn, subcontracts out production to yet another company, and that is where a lot of journalists have lost the trail. It is likely that the radios have a similarly complex supply chain.
For this to be possible, a large number of conditions need to line up, and seem to have in this context.
-
To begin to even plan an operation like this, detailed intelligence would need to have been obtained, including what was ordered, including model numbers, and details about the shipment. Then, Israeli intelligence would have likely acquired 3000 of the same models of pager (likely through a series of intermediaries). These pagers were then modified to contain a small explosive charge and an electronic switch.
That switch was triggered by receiving a specific message, meaning that they also had to modify the firmware on the devices for this functionality. By extension, that also means that in the short amount of time this operation had to take place, likely under a month, they reverse engineered the devices, modified firmware, and figured out how to reflash the devices in a repeatable, consistent way, with stable software. Those of us that work in low level tech can attest to just how difficult this would be to do.
After modifying the pagers they would need to have found a point of entry to the shipment. This could have happened at the point of production, but that would involve sharing operational details with untrusted companies, so this is unlikely. More likely they either had the shipping company allow them to access a warehouse to swap the real shipment with the modified one, or, more likely, they did so while the shipment was going through customs in a friendly country.
This means that not only does Hezbollah have a leak in their supply chain, likely more than one, but they also do not check devices after receiving them and before distribution (we will talk about that later).
-
The idea that devices are captured in shipment and modified is something that we know is done. Not only was this talked about in the Snowden leaks, but Israel itself has carried out similar operations where phones in apartments or hotel rooms were replaced with modified devices that exploded when called. A number of assassination attempts were carried out like this in the 1990s.
There are a number of incredibly disturbing implications to this attack that take some of the issues exposed in previous attacks and turn them into potential crisis points.
Firstly, this attack creates a space that allows for this to happen again. Once a nation deploys a tactic, and there is no forceful response, then that tactic has a nasty habit of being used again and again, across greater parts of the world, with greater frequency. The idea that this sort of attack would become common is horrifying.
Secondly, supply chains are almost impossibly complex. In the tech industry this has been a topic of discussion for some time. With capitalist globalization lengthening supply chains, and increasingly building supply chains based on just in time production, it is no longer clear who makes any given component or device. For actual supply chain security to be a thing we would need to know, from beginning to end, how each and every component of importance, as well as a device overall, is manufactured. Given the complexity of that process, this is functionally impossible for anyone to do.
Finally, as a result, we need to be more intentional with our use of technology. Abandoning communications tech is not a viable strategy, either politically or for everyday life, so it is not as easy as burning your devices. We also can't simply give up and continue going on as we do, buying devices without thinking about where and how they are manufactured.
-
If you want to guard against something like this, some things to consider:
Firstly, the primary conditions that allowed for this to occur were wholesale ordering of devices and a leaky supply chain. If your affinity group all decides to use the same radio, or the same type of burner or something, go out and get them one at a time at regular stores. Don't try to order them in bulk; that is a very noticeable thing to do if the state is watching.
Secondly, when possible, learn how devices work and take things apart. When the social center gets a new printer, take the thing apart, learn how it works, and check for bugs. It may sound absurd, but a social center in France found a listening device in a printer once. Check out the laptop you just bought, and only buy laptops that can be disassembled and modified. Learn how to monitor network traffic to make sure the new thing you just bought is not pinging your location back to anyone. Just the knowledge that this is being done in the anarchist community raises the cost and complexity of trying something like this dramatically.
Finally, I think that this is one more example of why building parallel communications networks, using our own devices, is something we should really be putting time and effort into. The use of LoRa communications, which utilize radio to send text based messaging over long distances, can be paired with encryption and mesh netting to form cheap networks using easy to build devices. Ham radio is another option, of a protocol that is accessible, easy to learn, and easy to obtain devices that you can either take apart or build yourself.
-
I also do not want anyone to freak out about this. The reality is that this operation took months to plan and execute, deep infiltration of an organization, and high degrees of technical skill, and still, everything needed to fall into place (shipment needed to be delivered, no one could check the devices out before distribution, the cell network would be on and working across the country when they triggered the attack). These sorts of attacks, at present, are only going to be targeted at high profile targets.
The horrifying implication, though, is that this can be done, at scale, and more than once (pagers and radios). Crossing that chasm creates a space for this sort of thing to be developed, simplified, made more cheaply, and made readily available. We have watched this happen with other military capabilities in the past, and it is likely that this will be no different.
-
Update:
The NY Times published a story today citing intelligence sources that answer the question of how the supply chain was accessed.
Apparently, it was not during shipment, and Israel did not buy the pagers and then modify them.
Instead they are the people that started BAC Consulting in Hungary, and a number of other shell companies. They created the company, signed a legitimate contract with Gold Apollo for production, and even sold legitimate pagers to customers.
When they got the contract for the Hezbollah pagers they modified the designs to add different firmware and explosives, and then sent them along like any other normal shipment.
In some ways, strangely, this is comforting. A supply chain interdiction of this scale would be deeply concerning. In this scenario, if this shows itself to be true, the amount of work involved in the operation was extreme, and is unlikely to be repeated in this exact way again.
Though this did not happen through supply chain interdiction, and instead involved a far more elaborate ruse, they still did start a shell company that legitimately made pagers. That should still focus our attention on what devices we use, where they come from, and what they contain.
https://www.nytimes.com/2024/09/18/world/middleeast/israel-exploding-pagers-hezbollah.html
-
Laxystem (Masto/Glitch) replied to tom_nomad:
@tom_nomad I didn't know the rest of the world didn't know of this, interesting. T'was common knowledge in Israel since the day after.