Sept 19,2024: The use of pagers and walkie-talkies in back-to-back coordinated explosions in Lebanon has drawn scrutiny to the security of global supply chains and their vulnerability to tampering by governments or other actors.
The utilisation of thousands of electronic devices in the apparent attacks, which are widely believed to have been orchestrated by Israel as part of an operation targeting Lebanon’s armed group Hezbollah, has raised the spectre of everyday communications equipment being weaponised in the future.
Tech companies are likely to see the attacks as a powerful reminder of the importance of securing their supply chains, while the general public’s trust in technology may also take a hit, tech industry and supply chain analysts told Al Jazeera.
“Every company that makes or sells physical devices will be worrying about the integrity of their supply chain,” said James Grimmelmann, Tessler Family professor of digital and information law at Cornell Tech and Cornell Law School in the United States.
“They are likely to consider adding additional safeguards and verifications so that they can better detect and prevent moves like this.”
While Israel has been implicated in assassinations using tampered communications devices before – including the 1996 killing of Hamas bomb maker Yahya Ayyash via an explosives-rigged mobile phone – the scale of the attacks, involving thousands of simultaneous detonations, was unprecedented.
At least 32 people were killed and more than 3,100 were injured in the explosions on Tuesday and Wednesday, including Hezbollah members and civilians, according to Lebanese authorities.
Erosion of public trust
Brian Patrick Green, director of technology ethics at the Markkula Center for Applied Ethics at Santa Clara University in the US, described the attacks as a potential watershed for the public’s trust in their electronic devices.
“Somehow thousands of devices were turned into weapons without anyone noticing it. How widespread are these explosive devices? How did the explosives get into the devices or the device supply chains? This attack raises terrifying questions that were never even considered before,” Green said.
Mariarosaria Taddeo, a professor of digital ethics and defence technologies at University of Oxford, said the attacks set a concerning precedent as they involved interference with the supply chain “not for a specific act of sabotage but for a distributed, highly impactful attack”.
“This scenario has been considered by experts but less so by state actors. If something good comes out of them, this is going to a public debate on control of the supply chain, strategic autonomy over digital assets, and digital sovereignty,” Taddeo said.
While it is unclear exactly how the pagers and walkie-talkies were turned into explosive devices, Lebanese and US officials have told multiple media outlets that Israeli intelligence booby-trapped the devices with explosive materials.
Israel has not commented to either confirm or deny responsibility.
Taiwanese company Gold Apollo, whose brand of pagers were used in the attacks, on Wednesday denied manufacturing the deadly devices, saying they had been made under licence by a company called BAC.
Gold Apollo’s CEO Hsu Ching-kuang told US radio NPR that BAC had paid his company through a Middle Eastern bank account that was blocked at least once by his firm’s Taiwanese bank.
BAC, which is based in Hungary’s capital Budapest, has not responded to requests for comment.
On Thursday, The New York Times, citing three unnamed intelligence officials, reported that BAC was an Israeli front set up to manufacture the explosive pagers.
Icom, a radio equipment maker based in Japan, said it had stopped producing the model of radios reportedly used in the attacks about 10 years ago.
“It was discontinued about 10 years ago, and since then, it has not been shipped from our company,” Icom said in a statement.
“The production of the batteries needed to operate the main unit has also been discontinued, and a hologram seal to distinguish counterfeit products was not attached, so it is not possible to confirm whether the product shipped from our company.”
