us media: pager attacks may change the world
2024-09-26
한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina
reference news reported on september 25on september 22, the new york times website published an article titled "israel's pager attack changed the world," written by bruce schneier, a cybersecurity expert at harvard kennedy school of government. excerpts from the article are as follows:
israel's brazen attack on hezbollah in lebanon this week, which exploded thousands of pagers and walkie-talkies and killed at least 37 people, illustrates a threat that cybersecurity experts have been warning about for years: the international supply chain for electronic devices leaves us vulnerable to attack. we have no good way to protect ourselves.
as shocking as this deadly operation was, none of the means used to carry it out were particularly new. israel’s tactics of manipulating international supply chains to plant plastic explosives in hezbollah equipment have been used for years. israel has neither admitted nor denied its role in this operation. what is new is that israel carried out the attack in such a devastating and brazen way, providing a clear glimpse into what the future of great power competition—in peacetime, wartime, and the expanding gray area in between—will look like.
our computers are vulnerable, and increasingly so are our cars, refrigerators, home thermostats, and many other useful things in our lives. targets are everywhere.
the core element of the operation - planting plastic explosives in pagers and walkie-talkies - has been a terrorism risk since 2001, when richard reid, the so-called "shoe bomber," attempted to detonate plastic explosives on an airplane.
the second component, assassination via personal devices, is also nothing new. israel used this tactic against a hamas bomb maker in 1996 and a fatah militant in 2000. both were killed by booby-trapped cell phones that were detonated remotely.
the final and more logistically complex part of the israeli plan: the wholesale manipulation of equipment through the international supply chain, something the united states has also done, but for different purposes. the nsa intercepts communications equipment in transit and transforms it into a listening device. we know from one of the snowden documents that the nsa did this to a cisco router that was sent to a syrian telecom company. it is understood that this was not the first time the nsa had done this.
even creating front companies to deceive victims is nothing new. israel reportedly set up a shell company to produce equipment to implant explosives and then sold it to hezbollah. in 2019, the fbi set up a company to sell seemingly normal wiretapped phones to criminals and then arrest them.
the bottom line is: our supply chains are vulnerable, which means we are vulnerable too. anyone, any country, any group, any individual, who works with high-tech supply chains can potentially tamper with the equipment in them, either to eavesdrop, or to degrade its functionality or make it unresponsive to operational commands. and, although it is more difficult, it can also be tampered with to kill people.
personal devices connected to the internet, and countries like the united states where they are used in large numbers, are particularly at risk. in 2007, the idaho national laboratory demonstrated that a cyberattack could cause a high-voltage generator to explode. in 2010, a computer virus said to have been jointly developed by the united states and israel destroyed centrifuges at an iranian nuclear facility. leaked cia documents in 2017 included notes on the possibility of remotely hacking into cars, which wikileaks said could be used to carry out "virtually undetectable assassinations." this isn't just theoretical: in 2015, a journalist allowed hackers to remotely control the car he was driving. the hackers turned off the engine as he drove on the highway.
the world has begun to change to address this threat. many countries are becoming more cautious about buying communications equipment from countries they don't trust.
how to protect against such attacks is unclear. our high-tech supply chains are complex and international. the fact that hezbollah’s pagers came from a hungarian-based company did not alarm the group because such things are normal. most electronics americans buy come from overseas, including iphones, which are made from parts sourced from dozens of countries and assembled primarily in china.
this is a difficult problem to solve. we can't imagine washington passing a law requiring apple phones to be made entirely in the united states. the labor costs are too high, and the united states doesn't have the capacity to make these things domestically. our supply chains are deeply international and unstoppable, and changing that would require taking the global economy back to the 1980s.
so what's happening now? as for hezbollah, its leaders and operatives will no longer be able to trust devices connected to the network - which was likely one of the main purposes of the attack. the world will be watching to see what long-term effects this attack has, or to see how hezbollah responds.
such attacks could be used against an army during war, or against civilians before a hot war breaks out. developed countries like the united states are particularly vulnerable to attacks because we have a large number of vulnerable devices.
