When Everyday Devices Become Weapons: A Closer Look at the Pager and Walkie-talkie Attacks
Pantha Protim Sarker, Upoma Das, Nitin Varshney, Shang Shi, Akshay Kulkarni, Farimah Farahmandi, Mark Tehranipoor
TL;DR
This paper investigates hardware-based threats posed by battery-powered devices, focusing on pagers and walkie-talkies as weaponizable infrastructure illustrated by the September 2024 Lebanon incidents. It analyzes the attack's background, technical modifications, supply-chain tampering, and the broader implications for governments and industry. The authors extend the discussion to battery management systems, offering a taxonomy of attacks and highlighting limitations of conventional physical inspection techniques. They propose emerging inspection modalities, such as quantum imaging, neutron imaging, and terahertz imaging, along with blockchain traceability and AI-based detection, to bolster defense of cyber-physical systems. The work emphasizes actionable measures to strengthen the security and resilience of battery-powered devices in global supply chains.
Abstract
Battery-powered technologies like pagers and walkie-talkies have long been integral to civilian and military operations. However, the potential for such everyday devices to be weaponized has largely been underestimated in the realm of cybersecurity. In September 2024, Lebanon experienced a series of unprecedented, coordinated explosions triggered through compromised pagers and walkie-talkies, creating a new category of attack in the domain of cyber-physical warfare. This attack not only disrupted critical communication networks but also resulted in injuries, loss of life, and exposed significant national security vulnerabilities, prompting governments and organizations worldwide to reevaluate their cybersecurity frameworks. This article provides an in-depth investigation into the infamous Pager and Walkie-Talkie attacks, analyzing both technical and non-technical dimensions. Furthermore, the study extends its scope to explore vulnerabilities in other battery-powered infrastructures, such as battery management systems, highlighting their potential exploitation. Existing prevention and detection techniques are reviewed, with an emphasis on their limitations and the challenges they face in addressing emerging threats. Finally, the article discusses emerging methodologies, particularly focusing on the role of physical inspection, as a critical component of future security measures. This research aims to provide actionable insights to bolster the resilience of cyber-physical systems in an increasingly interconnected world.