Arcshields

Pager bombs RCIED (Radio Controlled Improvised Explosive device): I was asked by many colleagues to comment on the pagers incident that occured lately in the country. In fact, pagers like AR 924 that surfaced in the news, are communication devices that normally function on particular radio frequencies within the VHF (Very High Frequency) or UHF (Ultra High Frequency). They frequently employ the following frequency ranges: The 138–174 MHz for the VHF band or the 406–512 MHz for the UHF band. These frequencies may change based on the country, area, or infrastructure of the paging service. Having said this, we can first conclude that the attack is not an Internet of Things (IOT) exploitation of the pagers. The paging process is the following: A paging terminal considered as a control unit, takes the message from a phone or computer of an operator. It processes the message, encodes it usually in specific format, POCSAG or FLEX and transmits the signal through a paging transmitter using VHF or UHF bands. Each pager has a unique ID called CAPCODE that allows the intended recipient to decode the signal. Taking into consideration what happened, if we assume the pagers were altered by their provider or distributor in a context of a chain supply attack and used as RCIED devices, a broadcast using the same frequency and including the intended CAPCODE would be enough to reach targeted victims! By receiving a specific message the pagers firmware would be programmed upfront to detonate an explosive integrated in them. This could be one scenario for the forensic path. In such case we need to consider the following requirements: 1- The Transmitter power 2- The Antenna 3- The obstacles 4- The geographic distribution of the targeted victims. 5- If the operator facility was connected to the internet and exploited to deliver specific signals to the RCIED devices. Another potential path if the first scenario is considered irrelevant, could be that the device was altered and programmed to detonnate an explosive implanted inside of it at a specific date and time or purposely included a self destruction explosive if seized by the enemy which was unexpectedly triggered... I hope the coming days will shed light on this massive attack and reveal how it occurred!

A big thank you to Arcshields for the insightful and engaging cybersecurity workshop today! To learn more about Arcshields, visit our marketplace: https://lnkd.in/dGcjC-Pt #Cybersecurity #Workshop #eXceeders