The boundaries of cyber-attacks are increasingly fluid today. Enabling technologies can be used to carry out unprecedented operations on an international scale, such as Israel’s operation against Hezbollah.
As cybersecurity experts, let us analyse from an IT perspective how such a cyber-attack was possible and what processes turned simple communication devices into bombs ready to explode. As we shall see, bypassing computer systems was not enough: the entire production chain was compromised, combining the reactions of computer processes with chemical reactions.
What happened
According to the Sky News Arabia report, Israel attacked Hezbollah militants by manipulating communication devices, especially pagers, which are used for internal communications and preferred to mobile phones. The devices were detonated in various areas of Beirut, mainly in the suburb of Dahiyeh, through a complex combination of cyber-attack and physical manipulation of the devices. More than 4,000 people were injured.
How was the simultaneous explosion triggered?
The attack was made possible through a computer infiltration of the pagers used by Hezbollah, including models such as the Gold Apollo Rugged Pager AR924, Motorola LX2 and Teletrim. During production, the compromised devices were equipped with 20 grams of PETN (Pentaerythritol Tetranitrate), a powerful explosive, inserted into the pagers via suppliers infiltrated by Israeli intelligence services. In particular, it was speculated that the Israeli services sent specific commands to the devices to overload the software, causing a targeted overheating that triggered the PETN explosion, leading to the coordinated detonation of the pagers.
What is PETN?
PETN is one of the most powerful explosives in existence, with a Relative Effectiveness Factor (REF) of 1.66, making it much more powerful than TNT. Unlike other explosives, PETN is relatively stable and insensitive to shock or friction, which reduces the risk of accidental explosions. However, when intentionally ignited by heat or shock, it releases an enormous amount of energy, causing catastrophic damage. This explosive capability made it an ideal choice for the operation, as it could be inserted into pagers and triggered in a controlled manner through a cyber-attack.
The dynamics of the attack and the consequences
Unlike random explosions, these detonations occurred in a controlled and simultaneous manner, causing severe physical damage to the militants. The command sent to the pagers overloaded the operating system, causing the device to heat up beyond the safety threshold and thus triggering the PETN explosive. This type of attack marks a step forward in cyber warfare, showing how modern technologies can be used not only to steal information, but also to inflict devastating physical damage.
Implications for global cyber security
This attack poses a serious threat to global security. The ability to exploit cyber vulnerabilities to create physical explosions highlights the growing danger of cyber-attacks. With the increasing reliance on connected devices, the possibility of turning common technologies into lethal weapons is a real danger for the future.
Comparison with Stuxnet: a threat already seen
The attack against Hezbollah is reminiscent of the case of Stuxnet, a computer virus designed to sabotage Iran’s nuclear programme in 2010. Both incidents demonstrate how cyber warfare can transcend the boundaries of cyberspace, causing real physical damage. However, while Stuxnet aimed to disable industrial machinery, the attack on Hezbollah used personal devices as a vehicle to trigger coordinated explosions.
Lesson for the future
The recent attack shows that cyber warfare has reached a new level of sophistication, where state actors can use technology to devastating tactical advantage. It is therefore crucial to strengthen cyber security globally to protect not only data, but also the physical integrity of critical infrastructure and everyday devices. This is a wake-up call for the international community, which will face the challenge of preventing cyber-attacks capable of causing large-scale physical damage.
Analysis by Vasily Kononov – Threat Intelligence Lead, CYBEROO