Hezbollah’s Pager explosions: Could smartphones face similar explosive cyber attacks?

A shocking incident in Lebanon has brought a rarely discussed technology into the spotlight: the pager. On September 17, 2024, hundreds of pagers used by Hezbollah members and medics exploded simultaneously, killing at least nine people and injuring nearly 3,000. While the political implications are huge, the technical aspects of how this attack was carried out are equally fascinating and terrifying.

Pagers, the tiny communication devices that many of us associate with the 1990s, are still in use today, especially in sectors where secure communication is crucial. Hezbollah, the militant group operating in Lebanon, has been using pagers because they offer some clear advantages over more modern communication devices like smartphones.

Pagers operate using radio frequencies, not internet or cellular networks, which makes them harder to track, hack, or surveil. These devices receive short text messages or alerts transmitted via a central operator. That’s why they’ve been considered a more secure option for groups like Hezbollah, which rely on avoiding modern tracking techniques.

But, as this incident shows, even old-school tech can be vulnerable to high-tech sabotage.

How could a pager explode?

The question on everyone’s mind: how do you turn a device as basic as a pager into a bomb?

While no one has confirmed exactly what happened, several theories are floating around. One possibility is a direct attack on the pagers’ batteries. These batteries can explode if they are tampered with. Essentially, if you can force a battery to overheat through a fault, it can trigger a chemical chain reaction. 

However, it’s not easy to set off a pager battery remotely. Unlike smartphones, pagers don’t connect to the internet, so a hacker would need another way to send the triggering signal. One theory is that the radio network that pagers use to receive messages may have been hacked, causing the system to emit a signal that forced the batteries to overheat.

Hacking the supply chain?

Another likely scenario is tampering during manufacturing. It’s possible that Hezbollah’s pagers were compromised before they even entered Lebanon. Some reports suggest that Israeli intelligence may have infiltrated the supply chain, embedding explosive components into the devices when they were being built or distributed. If true, this would explain how multiple devices across different regions exploded at the same time.

According to a report by Reuters, Hezbollah had ordered a batch of pagers from Taiwan-based company Gold Apollo, which then entered Lebanon earlier this year. But the company has denied making the models involved in the blasts, claiming the pagers were produced by another firm using their branding. If this was indeed a supply chain attack, it would highlight how even simple tech can be weaponised if compromised at the right stage.

Could this happen to smartphones?

This brings up an intriguing and unsettling question: could smartphones be targeted in the same way?

Smartphones are much more connected than pagers, making them more vulnerable to hacking. Over the years, we’ve seen examples of hackers remotely pushing malicious software onto phones. There are no instances where smartphones were targeted for explosions.

Smartphones have suffered from battery explosions due to manufacturing defects. Last year, an 8-year-old girl in Kerala lost her life when a phone exploded in her hands. In another case from Madhya Pradesh, a 68-year-old man died in Ujjain after a suspected mobile phone blast. But there are no confirmed reports of a smartphone being remotely hacked to cause an explosion. 

Why this 'Pager' attack was different?

What makes the pager attack unique is its use of technology that isn’t usually connected to a broader network, which may have lulled Hezbollah into a false sense of security. In fact, this may have been a key reason why the group stuck with pagers—they believed the lack of connectivity made them safe from high-tech interference. But, as the explosions show, even old tech can be vulnerable if an attacker is willing to play the long game, like planting faulty components during production.

While we don’t know all the details yet, the pager explosions in Lebanon could be the start of a new wave of cyber-physical attacks, where technology, whether cutting-edge or outdated, becomes both a tool and a target.