- The Strategist - https://www.aspistrategist.org.au -
Remotely exploding pagers highlight supply chain risks
Posted By Jason Van der Schyff on September 24, 2024 @ 06:00
The attacks against Hezbollah using weaponised pagers and walkie talkies serve as a stark reminder of the dangers of compromised supply chains and why Australia must secure its own against the threats from China.
While the full details [1] about the devices are yet to emerge, the operation—presumed to be carried out by Israel though not declared as such—indicates what could happen if supply chains were exploited in more subtle but equally insidious ways. For nations like Australia, the consequences could be just as catastrophic.
While infiltrating electronic supply chains is not a new tactic, these incidents highlight the dramatically growing sophistication of supply chain attacks. Prior to this operation, the most famous [2] one was the Shin Bet’s 1996 assassination of Hamas’s chief bombmaker, Yahya Ayyash, using a rigged mobile phone.
With rising geopolitical tensions, particularly involving China, the risk of compromised hardware bound for Australia is alarmingly real, particularly considering China’s industrial capacity to produce at mass quantities.
China, as the world’s largest maker of electronic devices, plays a pivotal role in the global supply chain. But its dominance raises concerns, especially given its growing assertiveness and accusations of espionage and sabotage. There are genuine fears that China could exploit its control over the supply chain to insert vulnerabilities into hardware bound for Australia, whether for surveillance or sabotage.
A much-debated Bloomberg article of 2018, ‘The Big Hack [3]’, brought hardware-based supply chain attacks into the public consciousness, citing Chinese involvement in planting microchips in American servers. Although the report’s validity remains contested, classified intelligence has long suggested that China’s role in compromised supply chains represents a significant and ongoing threat. While awareness of these threats has grown, action to mitigate them has not kept pace.
As early as 2011, the US Department of Defense warned [4] that supply chain vulnerabilities were a ‘central aspect of the cyber threat’, stressing that over-reliance on foreign factories ‘provides broad opportunities for foreign actors to subvert US supply chains’. More than a decade later, this warning is more relevant than ever. Yet little progress has been made to secure critical infrastructure components that remain vulnerable to supply chain threats.
In Australia, the challenge is even more pressing. As a nation that relies heavily on imports for essential goods, from consumer electronics to military hardware, the potential for supply chain interdiction looms large, especially given that much of this equipment is manufactured in China.
Some action has been taken in the software sector, including by Australia and other countries prohibiting the involvement of Chinese suppliers in 5G networks due to concerns about disruption of critical telecommunications infrastructure. But securing one sector or one piece of software must be replicated in all sensitive areas and across both software and hardware.
Electronic devices such as routers, phones and even cars could be compromised at any stage in their journey from the manufacturer to the end user. Interdiction attacks, where hardware is tampered with during transport, are not difficult to execute, especially along complex shipping routes.
The consequences of such breaches extend beyond malfunctioning devices. Compromised electronics can open the door to espionage, sabotage and cyber-attacks, with potentially catastrophic implications for national security. If malicious actors, especially those backed by states, tamper with hardware on a large scale, they could gain access to sensitive data, disrupt critical infrastructure or even disable essential services.
Given these growing threats, Australia must take urgent action to safeguard its supply chains. One critical step is reducing dependence on Chinese manufacturing by investing in local production. For years, Australia has relied on foreign factories, particularly in China, for vital goods. While this reliance has driven down costs, it has exposed the country to risks of foreign tampering. Diversifying supply chains and building capabilities domestically and with close friends will reduce China’s leverage and improve Australia and the regions’ security.
But domestic production alone won’t solve the problem. Australia must also implement more rigorous inspection and testing protocols for imported goods. Currently, shipments pass through multiple jurisdictions, leaving opportunities for tampering along the way. Such advanced technologies as blockchain-based tracking systems can ensure shipments remain untampered with during transport, while hardware integrity testing can catch compromised devices before they reach critical infrastructure.
While no single measure will eliminate the risk of supply chain attacks, a combination of strategies can significantly reduce the danger. This will include strengthening domestic manufacturing, enhancing import inspection protocols, collaborating with trusted allies and adopting cutting-edge security technologies. The threat posed by compromised supply chains, particularly from China, is real. These vulnerabilities only become more urgent as the geopolitical situation becomes more volatile.
The recent events in Lebanon shouldn’t be seen only as distant and against a terrorist organisation but rather a stark reminder of what can happen when supply chains are compromised. For Australia, the stakes are too high to ignore. By taking proactive steps now to secure our supply chains from potential threats the country can protect our critical infrastructure, safeguard our national security, and ensure our future remains in our own hands, not China’s.
Article printed from The Strategist: https://www.aspistrategist.org.au
URL to article: https://www.aspistrategist.org.au/remotely-exploding-pagers-highlight-supply-chain-risks/
URLs in this post:
[1] full details: https://www.reuters.com/world/middle-east/gold-apollo-says-it-did-not-make-pagers-used-lebanon-explosion-2024-09-18/
[2] famous: https://www.nbcnews.com/investigations/israel-long-history-targeted-killings-enemies-rcna171888
[3] The Big Hack: https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
[4] warned: https://theintercept.com/2019/01/24/computer-supply-chain-attacks/
Click here to print.
Copyright © 2024 The Strategist. All rights reserved.