Elina Noor

Opinion | Device hijackings an explosion of risk for Asia’s electronics industry

For the small businesses dominating Southeast Asia’s consumer electronics industry, ensuring against external tampering would be a costly burden

Reading Time:3 minutes

Why you can trust SCMP

A communication device lies on the ground as Lebanese forces prepare to destroy it in a controlled explosion, between the southern villages of Burj al Muluk and Klayaa, on September 19. Hundreds of pagers and walkie-talkies used by Hezbollah exploded across Lebanon in unprecedented attacks that spanned two days, killing 32 people and wounding more than 3,000 others. Photo: AFP

Elina Noor

Published: 8:30pm, 9 Oct 2024Updated: 6:18am, 10 Oct 2024

While the coordinated pager and walkie-talkie explosions in Lebanon have now been overshadowed by the threat of a widespread conflict, the attacks reveal three disturbing trends with lingering implications for Southeast Asia.

First, regardless of how the devices were rigged and detonated, it is clear that what goes on in the Levant does not stay in just the Levant. The trail of both types of communication devices implicates manufacturers across Asia and Europe.

The alleged Taiwanese maker of the pagers and its Hungarian partner, as well as the Japanese producer of the walkie-talkies recovered in the attacks, deny any involvement, and investigations are under way as to whether counterfeit models may have been used instead.

Of course, the interception and exploitation of hardware, firmware and software is a trade as old as espionage itself, and techniques have evolved alongside developments in digital technology. Intelligence agencies have secretly bought, operated and leveraged to their advantage the very companies that market so-called secure tools of communication to governments elsewhere.

The Crypto AG exposé, which involved more than 120 states, including Japan, South Korea, Indonesia, Malaysia, the Philippines and Vietnam over several decades, was a collaboration between the United States and (West) German intelligence that also benefited a handful of other Western countries. Agencies have also reportedly intercepted routers, servers and other computer network devices to implant surveillance tools.

But to commandeer communication instruments and repurpose them as improvised explosives, given the life and death consequences, is a completely different matter. For the complex network of unwitting suppliers, assemblers and distributors of these otherwise everyday devices, there are serious reputational, even legal, penalties of a different nature to now factor into their business risk management plans.