When wireless PEDs go full IED

We might not all be carrying a tiny bomb capable of killing us and others nearby, but before the terrorist events in Lebanon on September 17th, I would’ve laughed off the notion. Now there’s nothing to laugh about. But can this new form of PED (Personal Electronic Device) terrorist attack reach U.S. and the rest of the world?

Thousands of Hezbollah wireless pagers simultaneously exploded at 3:30pm local time across Lebanon on Tuesday. In what could only be described as a coordinated direct attack upon members of the Hezbollah army, but that didn’t exclude many injuries and even some casualties to nearby civilians including two children. Reports of pagers suddenly exploding from inside soldiers’ pockets and some while users were responding to an alert to a page that just came over flooded the media. Some 2,800 people reported injuries with 12 casualties and this was just the first attack. According to an anonymous U.S. official, Israel told Washington on Tuesday it was going to do something in Lebanon just before the attacks, but no details were ever provided for precautions. As I write this blog, another wave of attacks are being reported, this time directly from soldiers’ exploding walkie talkies. This second attack reportedly took 20 lives and injured 450 people so far. So what is going on here?

Early reports began spreading the theory that the Li-Ion batteries inside the pagers and walkie talkies were being hacked to heat up and explode. As we know, cell phones, electric cars and other devices powered by Lithium-Ion have a long history of battery explosions when the cells are shorted through physical damage or intense heat. However, due to complex physics and various battery chemistries, it’s highly unlikely that any attack relying solely on batteries could produce such devastating and coordinated results when spread among thousands of devices. Military and forensic experts have further speculated that additionally, there must have been a small amount of explosive (likely PETN or PentaErythritol TetraNitrate) material inside each of these devices. A few grams placed near the battery would cause a deadly explosion in many scenarios, but until a detonated or non-detonated device can be analyzed, it is unclear what exactly caused so much carnage. What seems a little more clear is the likely method of delivery and triggering.

While the scale of these recent attacks is truly unique and terrifying, they are not the first of their kind. Going all the way back to the mid 90s, pocket-sized devices including cell phones have been implanted with a few ounces of explosives in an effort to eliminate specific targets. US and NATO forces have dealt with IEDs (Improvised Explosive Devices) for decades now, but IEDs are typically tied to larger roadside bombs capable of destroying fully armored military vehicles. They use cheap cell phones as wireless triggers, detonating the bomb only when the call from the bomber arrives and just as the vehicle passes. The combination of wireless trigger and small explosive material is the current best guess as to how this destruction was achieved using pagers and walkie-talkies. But why pagers?

When most of us think of pagers, we think of the 80s and 90s with drug dealers or pimps. We don’t think of high-tech warfare and terrorism. Pagers operate on VHF (150-174 MHz), UHF (450-470 MHz) and 900 MHz for more advanced two-way paging systems. These frequencies are lower than more popular frequencies used in Wi-Fi, Cellular and Bluetooth allowing pager messages to penetrate walls and basements easier than modern smartphones, laptops and tablets. To this day, pagers are popular with doctors in hospitals around the world including hundreds just in the US due to their ability to penetrate hospital structures without interfering with sensitive medical equipment. In the case of Hezbollah soldiers, pagers are used widely because they are simpler communication devices lacking GPS which makes them difficult for enemies to track. Walkie-talkies are two-way devices that typically broadcast in the UHF band as well. If one could hide a small amount of explosive material and trigger circuitry inside a normal device, it could be easily detonated from many miles away. But how could so many devices have been intercepted, implanted and deployed on such a scale?

We seem to be witness to a new type of warfare, a blending of cyber warfare and supply chain disruption. The pagers were reportedly manufactured by Taiwanese manufacturer called Gold Apollo Co. It is unclear exactly how or when the supply chain was disrupted, but experts believe it required coordination on both ends of the pager and walkie-talkie shipments to Hezbollah. As terrible as these attacks are, walkie-talkie and pager bombs seem a little like something out of an outdated James Bond movie. Sure they are deadly but who do you know that actually uses such devices. What about more modern devices?

One of the reasons that these bombings have been so effective is sheer size. Most pagers and walkie-talkies are bulky compared to more modern, sleek PEDs. If you’re ever seen the inside of your smartphone, you will know that every square millimeter is being used and the phone simply would not work if you gutted out a small area to include explosives. However, laptops are considerably larger and could be modified to include some small explosives. Roughly 25% to 40% of a modern laptop’s internal space is set aside just for batteries. Given most laptops now boast all day runtimes, it’s possible that a few Li-Po batteries could be replaced with explosive polymers without most users even realizing. Throw in a wireless micro trigger and now you have traveling bomb. I’m not positing anything new here. TSA personnel have been searching and swabbing laptops for explosive materials for many years now, but this is only for air travel. Who needs to send a violent message of terrorism by downing plane when you can simultaneously bomb thousands of individuals throughout a crowded city?

I don’t want to end on such a dark note so I will remind you that I’ve been running my own wireless security company for the past 25 years. In that time, we’ve worked with Feds, police, DHS, DoD and many others in wireless detection of security threats. If terrorists want to send a devastating message, they’ll need to trigger smaller bombs in a coordinated manner which usually requires a wireless trigger. We’ve yet to meet a wireless threat that couldn’t be detected.