Supply Chain Compromises
2024-09-18 17:56:32.836646+02 by Dan Lyke 2 comments
So yesterday, around 2,700 people were injured and 11 people were killed when pagers exploded across Lebanon: Hezbollah vows to punish Israel after pager explosions across Lebanon, 11 dead, thousands injured in explosive supply chain attack on Hezbollah pagers, and overnight it appears that walkie-talkies were also compromised: Hezbollah hand-held radios detonate across Lebanon, sources say.
Probably a fairly niche purchase, a couple of thousand pagers, but the notion that the supply chain could be this discretely compromised is interesting.
So there's a context into which to read this... Secure Boot-neutering PKfail debacle is more prevalent than anyone knew — Keys were marked "DO NOT TRUST." More devices than previously known used them anyway. ATMs, Point-of-sale terminals, voting machines...
Edit: Spencer Ackerman: A New Tactical Era of Supply-Chain Sabotage at Scale has some additional details and musings.
Edit 2: AP reports solar energy systems exploding, Via Slashdot.