Comment by pragma_x
> make the device exaggerate some existing functionality to a point where it caused a malfunction? Thoughts on this?
I'm actually astounded by the things that must have been in place to make this attack even plausible, let alone viable. At the same time, the ramifications are sobering. Here's where my head is:
- Hezbollah failed to inspect electronics that, if tampered with, could have led to some kind of intel breach. That or the explosive modifications were indistinguishable from the real thing.
- Operatives knew what pager numbers were in use by Hezbollah, perhaps exclusively to the rest of the population.
From there I have three possible explanations for how this may have been executed:
1. Many shipments of such pagers bound for Hezbollah in Lebanon and other places in the region were identified, intercepted, modified, and sent on their way with minimal delay. You probably don't get many opportunities like this (how often do you replace a pager?), so this is really quite a hat-trick.
2. Or: there are many more pagers out there with a very dangerous vulnerability on board, with only a special pager sequence that stands between the user and sudden death. This suggests simply infiltrating the manufacturer instead. This also has much more favorable lead times and can leverage the manufacturer's resources to that end.
3. Or: There's a pager manufacturer out there with gob-smackingly bad engineering and software on completely stock units, which operatives simply exploited to (sub)lethal effect.
You don't have to intercept a shipment and tamper at large scale with incredible speed if you're posing as the supplier.
That's what I believe happened. Especially likely if you consider that terrorist orgs are not exactly putting RFPs or doing large orders at legit vendors. That gives you the chance to pose as a helpful supplier that operates on the down low and accepts cash on delivery, etc.