The secret operation behind Hezbollah's exploding pagers
The secret operation behind Hezbollah's exploding pagers
Israel's high-tech sabotage, physical explosives, and an elaborate ruse leave over 4,000 injured.
The pagers used by Hezbollah operatives were detonated using small amounts of explosives planted in advance near the device's batteries, and the explosion was triggered by a message sent to the devices, the New York Times has reported based on conversations with U.S. officials and others briefed on the operation.
In the explosion of the devices yesterday, 11 Hezbollah operatives were killed and more than 4,000 were injured. Israel did not claim responsibility for the operation, but according to the NYT, it was planned and carried out by Israel.
According to the report, the explosive devices were manufactured by a Taiwanese company called Gold Apollo, with most of them being a model called AP924, along with three other models. Sources indicate that before the devices arrived in Lebanon, explosives weighing between 30 and 60 grams were placed near the battery, along with a remote detonation switch. At 15:30 (Lebanon time), a message was sent to the paging devices, pretending to be from Hezbollah leadership, which triggered the explosion.
Additionally, the New York Times reports that the devices were programmed to beep a few seconds before the explosion—a tactic intended to increase the number of casualties. The beeping would likely prompt anyone nearby to check the device just before the detonation.
According to sources, Hezbollah ordered more than 3,000 devices from Gold Apollo. Most were distributed to operatives in Lebanon, while some reached the organization's allies in Syria and Iran. The attack only affected devices that were active and had received the message. There is currently no information about the exact dates when the devices were ordered and delivered to Lebanon.
The New York Times report refutes earlier theories about how the devices exploded, including speculation that Israel had injected malicious software into the devices, causing them to overheat and trigger the explosion. "The devices were modified in a way that caused these types of explosions," Mikko Hyppönen, a researcher at the cybersecurity company WithSecure and a cybercrime consultant at Europol, told the newspaper. "The size and intensity of the explosion suggest it wasn't just the battery."
This method of operation may also explain why Israel chose to blow up the devices rather than exploit its access to gather intelligence on Hezbollah's communication network. If the report is accurate, the modifications to the devices were purely at the hardware level and did not involve adding a software component that could allow for remote control or information extraction.
The planting of explosive devices also points to a more complex operation than a typical cyberattack involving software. It would have required physical access to thousands of devices, possibly involving numerous individuals who could provide access and carry out the delicate task of planting the explosives.
Such access might have been obtained during the shipping phase, requiring a successful penetration of the shipping company's logistics system. This would involve removing the devices from their packaging, disassembling them, planting the explosive material, reassembling the devices so they functioned properly, and returning them to their packaging without any visible signs of tampering.
Alternatively, the explosives might have been inserted during the production phase, streamlining the process. In this scenario, a limited number of production workers at the company's factory could have planted the explosives as part of the assembly process. The assembled devices could then be shipped without showing any signs of manipulation. However, this would require highly accurate information about which devices were intended for Hezbollah, necessitating access to higher levels of the production chain. This assumes the devices were not off-the-shelf models, but specially manufactured for this order from Hezbollah.
Regardless of when the explosives were inserted, the operation would have required close access to the devices and the involvement of a significant number of people with precise knowledge and access. Its success demonstrates the party behind it had substantial intelligence, recruitment, and operational capabilities.
Meanwhile, the Taiwanese company Gold Apollo claims that the paging devices sold under its brand were not manufactured by them but by a company called BAC, which had been licensed to use the brand. "The product was not ours. It was only that it had our brand on it," said the company's founder and president, Hsu Ching-kuang, according to a Reuters report.
Speaking to reporters outside the Gold Apollo offices, the company president denied any involvement in the production of the devices. "We only provided permission to BAC to use our brand trademark for product sales in specific regions, but the design and manufacturing of the products are entirely handled by BAC," Hsu said. Initially, he claimed that the company operating under the license was based in Europe, but he later refused to comment on the location of BAC, the alleged manufacturer. He added that he does not know how the devices were tampered with, and emphasized that Gold Apollo is also a victim of the incident. "We may not be a large company but we are a responsible one," he said. "This is very embarrassing."