
"supply chain attacks" have caused global concern

2024-09-23


image caption: foreign media reported that the explosion involved a pager produced in taiwan.
our special correspondent chen yang
the israeli defense forces said in the early morning of the 22nd that the israeli army attacked about 300 targets of hezbollah in lebanon on the 21st. reuters said that this was the second consecutive day that the israeli army launched the "most violent air strikes" on lebanon since the outbreak of a new round of israeli-palestinian conflict on october 7 last year. it is worth noting that before the israeli army launched a large-scale air strike on hezbollah, a large-scale serial explosion of communication equipment had just occurred in lebanon, causing a serious failure of the command link of hezbollah. many western media speculated that the serial explosions in lebanon were intended to pave the way for the israeli army's large-scale air strikes. behind this new attack mode, there is a "supply chain attack" that worries the world.
how hezbollah's pagers were hacked
on the 17th and 18th, pagers, walkie-talkies and other communication equipment exploded simultaneously in many places in lebanon, killing at least 37 people and injuring about 3,000 people. preliminary investigations showed that the pagers and walkie-talkies that exploded were filled with a small amount of explosives and detonated remotely through specific commands. in order to prevent israel from monitoring through smartphones, hezbollah previously required its members to abandon their mobile phones and use more primitive but relatively more confidential pagers and walkie-talkies as communication tools. it is generally believed that the serial explosions in lebanon are related to israel. the new york times called this action a "modern trojan horse made in israel." the view generally accepted by western media at present is that israel has been highly involved in these communication products since they were still on the production line, directly loading military high-performance explosives into the batteries of communication equipment such as pagers and walkie-talkies, and after hezbollah purchased them in batches and distributed them for use, it chose an opportunity to remotely control the battery temperature to detonate them.
a reporter from the global times learned from the 360 advanced threat research center that a comprehensive analysis of the rugged ar924 pager made by the golden apollo company in taiwan, the model that exploded, proved that there were security vulnerabilities that could be manipulated at both the software and hardware levels. at the software level, the pager can be connected to a computer through its usb-c interface and quickly configured and modified with special software, so it is not difficult to modify the software system of this pager device on a large scale. the system is "unlocked" using the default password 0000, and the usb software programming unlock password is ac5678. after unlocking, the pager's functions can be customized with the help of the hardware interface and official software. the official programming interface can set various parameters of the device in detail, such as receiving frequency, alarm settings, display language, alarm volume, etc. it is not difficult for professional hackers to further crack the system firmware and software of the pager and implant a backdoor for control.
at the hardware level, the pager has a built-in but replaceable battery, so it is very easy for an attacker to replace the battery after placing explosive materials in it. there are three adjustment potentiometer capacitors and programming contacts on the back of the pager board, which may involve the adjustment of the device's operating parameters. these contacts are usually used to program or debug the pager hardware through external devices (such as programmers or debugging tools). in some specific cases, if the potentiometer is associated with the power supply part, adjusting it may change the power supply voltage or current. therefore, if an attacker controls the battery temperature by controlling the current, voltage, or disguised control, it is theoretically possible to detonate sensitive explosive materials in the battery.
what is “new” and “not new” about “supply chain attacks”
according to a report by the american broadcasting corporation, the serial explosions of communication equipment in lebanon are typical "supply chain attacks". simply put, a "supply chain attack" is to interfere with or tamper with the production and circulation of products to achieve the purpose of the attack. experts interviewed by the global times said that in order to implement a "supply chain attack", it is necessary to deeply intervene in the relevant industrial chain. the american broadcasting corporation said that the attack involved shell companies, israeli intelligence officials at multiple levels, and a legitimate company that produced pagers with a disguised identity. at least some of the participants did not know who they were actually working for. the report said that the organization of the operation was very complex and was allegedly premeditated for at least 15 years.
however, experts said that the idea of using common civilian equipment to carry out large-scale sabotage operations is not new to some countries. sources in the us intelligence community told abc that the cia had long considered adopting this strategy, but it was not put into practice because "the risk to innocent people was too high."
experts warn that one of the important features of the lebanese serial explosions is the conversion of cyber attacks into physical destruction. previously, israeli intelligence agencies used the stuxnet virus to destroy iran's high-speed centrifuges used for uranium enrichment, but such a mode of destruction was limited to a few industrialized sectors. electronic devices and laptops have been used as weapons before. for example, when israel assassinated hamas bomb maker yahya ayyash in 1996, it used a remote control mobile phone explosion. however, these cases were only small-scale modifications of electronic products used by specific targets. cases like the large-scale modification of civilian equipment into explosive devices in lebanon have never happened before, and they target electronic products that are closely related to daily life. the resulting social impact is very far-reaching, and it also opens up a new attack mode.
especially with the advent of the digital age, various devices such as smart phones and smart homes can be connected to cloud servers through the internet to obtain services and support. they usually have open interfaces for users to access various applications and services, which also increases the possibility of illegal intrusion from the outside world. experts give an example that attackers can theoretically overload various electronic devices through network attacks. even if they are not equipped with explosives and will not cause violent explosions like lebanon, they may still cause the equipment to overheat and spontaneously combust. considering that the total number of smart devices connected to the internet worldwide is as high as billions, even if a very small proportion of them will spontaneously combust, the fire threat caused is still worrying.
zhou hongyi, founder of 360 group, said that the serial explosions in lebanon demonstrated a new type of cyber attack method, which is no longer limited to information theft, system paralysis, and attack on smart devices, but can also directly cause physical damage and casualties by controlling physical devices. "with the popularity of driverless cars, as long as you invade the network of the car company, you can remotely stop your car on the road, or start it in the parking lot, and run rampant without listening to commands." zhou hongyi believes that with the development of ai, there are more and more smart terminals, the risk of being implanted and infiltrated is increasing, and all systems may become targets of attack. the pressure on network security defense is increasing: at the least, systems can be eavesdropped on or have data stolen, and they can even cause physical damage such as explosions. such concerns are not groundless. chechen leader kadyrov posted on a social platform that his tesla truck was remotely disabled by musk.
beware of "indiscriminate attacks"
experts believe that another worrying feature of the lebanese serial bombings is the "indiscriminate attack". although the outside world believes that the target of the incident is hezbollah members, most of the actual victims are innocent civilians and even children. the characteristics of the "supply chain attack" itself determine that its attack lacks targeting, and no one can guarantee that these tampered electronic devices will not flow to innocent people or even third countries. american human rights lawyer huwayda araf said that these explosions in lebanon had no warning before they occurred and occurred in public places, "in fact, they meet the definition of state terrorism." whitson, director of the washington-based human rights organization "democracy now for the arab world", said, "you should not set traps on items that civilians may pick up and use," "this is why we have seen such a tragic disaster in lebanon." whitson said that the large number of casualties shows that these attacks are "essentially indiscriminate."
the general concern is that once the "indiscriminate attack" mode spreads, it will undoubtedly open the "pandora's box" and threaten everyone in the world. axios news network commented that "from pagers, walkie-talkies to reports of solar system explosions, it indicates that the front line of future wars may be infinitely extended, and even basic daily necessities are unreliable." zhou hongyi said, "every terminal product we have now relies on the global supply chain and is completed by a large number of suppliers. how to ensure that every link in the production, transportation, and warehousing process is controllable and safe is particularly important, especially for equipment and technology related to national security. we should accelerate independent research and development and production to ensure the credibility and safety of the equipment and avoid being tampered by external forces." "therefore, it is imperative to strengthen the security management of the supply chain."
according to a report on the website of the chinese permanent mission to the united nations on september 20, ambassador fu cong, china's permanent representative to the united nations, said in a speech during the security council's urgent review of the situation in lebanon and israel that china was deeply shocked and concerned about the simultaneous explosion of thousands of pagers, walkie-talkies and other communication equipment in lebanon by remote control, causing thousands of casualties. children playing on the street lost their eyes, mothers shopping in supermarkets were crippled in their hands and feet, and doctors on their way to work were seriously injured. this tragedy is unbearable to imagine. remotely controlling communication tools to launch indiscriminate attacks, causing large-scale civilian casualties and creating social panic, such things have never been heard of in history. this behavior is undoubtedly a serious violation of a country's sovereignty and security, a blatant violation of international law, especially international humanitarian law, and a disregard and trampling of life. the cruelty of the means and the bad nature of the attacks are outrageous and must be condemned in the strongest terms.