Live updates: Follow the latest on Israel-Gaza
Lebanon is reeling from deadly attacks that saw handheld communication devices detonate on Wednesday and thousands of pagers simultaneously explode to kill 12 people, including two children, and injure nearly 3,000 the day before.
Afterwards, concern grows over whether consumer electronics can be used to inflict physical harm on unsuspecting people. The short answer is, yes, it can be done – but the methods to actually do this are complex.
Without physical contact with the device, it is difficult to access the firmware – the software that manages the hardware – needed to manipulate physical parts such as a battery to make it overheat and possibly ignite.
Pagers, devices that can receive alphanumeric messages, were popular in the 1990s. While official verification of whether Israeli officials accessed Hezbollah pagers physically or accessed them en masse remotely is yet to be confirmed, Tuesday's attack shows that perpetrators are skilled enough to tap into older technology. This also raises questions about how much more damage can be done, particularly with higher-powered modern equipment.
Today, devices ranging from laptops to thermostats can be hacked remotely. Printers, for example, can have their ink heated enough to burn the paper inside them, or vehicle systems could be compromised to disable parts such as brakes. US consultancy Gartner in 2021 warned that cyber criminals would use operational technology environments to harm or kill humans in the next four years.
“In all these devices, there's a tiny, little computer there … [pagers] are kind of slow, but they're still computers,” Robert Graham, chief executive of Atlanta-based cyber security company Errata Security, told The National. “So whoever intercepted these would likely write their own software, change the software and put that on the devices, so that they would operate the same."
It is very difficult to remotely reprogramme the physical hardware of a battery to overheat to cause an explosion, Mr Graham said, and a phone battery would need to be fully charged to cause damage if triggered.
Picking targets
Smartphones, the most popular consumer electronic devices, are obvious candidates for an attack, but they are a costly option for potential attackers due to stringent measures taken by their makers.
Advanced technology has also contributed to preventing remote access, particularly within the top tier of smartphones from Apple and Google. Apps on devices from Samsung Electronics and Huawei Technologies “are known to often have a lot more bugs” than those from Apple and Google, Mr Graham said.
Mohamed Belarbi, chief executive of Abu Dhabi-based cyber security firm Cypherleak, agrees: the cost of hacking a well-made and secured device could be astronomical.
“When it comes to firmware, you need a lot of technical background and skills,” he told The National. You would have to be “able to bypass the security safeguards that are built in by the manufacturers.
"We've seen this before where the cost of hacking into an Apple iPhone could cost millions of dollars – now imagine multiplying that to access something as critical and as dangerous as blowing up a pager or blowing up a turbine.”
Yet for less protected or more flawed systems, everyday items can be used to hack into your devices. There is the humble data and power cable that can be bought on any e-commerce site such as Amazon, the most popular of which today is the USB-C. This simple connection has the ability to severely compromise a device.
“These things are becoming so sophisticated that today you can buy on the internet a USB-C cable that has a little computer embedded in the head of the cable,” Mr Belarbi said. This device can manipulate the physical components of technology to a desired, and in many cases malicious, effect.
Taking precautions
In the US, the FBI last year warned against using public charging points for electronic devices, saying they can be a gateway for cyber criminals. Charging stations in public spaces, including malls, hotels, restaurants and parks, have paved the way for “juice jacking”, which simply means using a USB connection to compromise a device.
“The moment you start using it to charge, the hacker is able to access your phone and to gather data. And this is quite common,” Mr Belarbi added.
Where technology is manufactured and who is involved in the supply chain can be risk factors, particularly in today's more globalised environment. For example, a lot of devices and their parts are sourced from China, which means there is a chance that the state or its actors might intervene, similar to the US government's backdoor access to online platforms, he said.
“I think it's just an inherent risk that we have to live with and [have to] determine what are we comfortable with and what are we not comfortable with.”
Another question that has been asked is why attacks using technology have not been seen in Gaza. One answer is that because a lot of the technology in Gaza is locally made, it is less accessible.
“They're able to communicate without interference from outside operators or actors,” Mr Belarbi said, unlike in the case of Israel's attack on Hezbollah, where radio waves could have been used to cause temporary interference.
“So you always see … the benefit, pros and cons of having your own technology. Yes, in terms of maturity and advancement, it might not catch up with whatever is out there commercially, but it definitely allows you to avoid a lot of the issues associated with technology tampering,” he added.
Manufacturers must adapt
“There's nothing you can do if a phone or device has been tampered with at the manufacturer or supply chain level before it reaches you,” Mr Belarbi said. “Because even if you open an iPhone or a Samsung, you wouldn't be able to tell.”
Manufacturers, especially the biggest ones, ensure a strict ecosystem in the components of their devices – but not all firms are built equally.
“We have companies that are ahead of the curve – Apple and Google ,” Mr Graham said. “Most electronic devices are behind the curve, and we can probably find the bug pretty easily, whereas Apple and Android are very, very tough.”
But the Lebanon incident also goes beyond being a wake-up call – it's a “stark reminder that our approach to supply-chain security needs a complete overhaul”, Andreas Hassellof, chief executive of Dubai-based technology company Ombori, told The National.
“We're facing a new breed of threats that blur the lines between digital and physical vulnerabilities,” he said, noting the previous advanced supply chain attacks on SolarWinds, NotPetya and SuperMicro. “The message is clear: adapt or become a target. Organisations clinging to outdated security models aren't just falling behind – they're inviting disaster.”
RESULT
Valencia 3
Kevin Gameiro 21', 51'
Ferran Torres 67'
Atlanta 4
Josip Llicic 3' (P), 43' (P), 71', 82'
The specs
Engine: 3.8-litre V6
Power: 295hp at 6,000rpm
Torque: 355Nm at 5,200rpm
Transmission: 8-speed auto
Fuel consumption: 10.7L/100km
Price: Dh179,999-plus
On sale: now
UAE currency: the story behind the money in your pockets
How to apply for a drone permit
- Individuals must register on UAE Drone app or website using their UAE Pass
- Add all their personal details, including name, nationality, passport number, Emiratis ID, email and phone number
- Upload the training certificate from a centre accredited by the GCAA
- Submit their request
What are the regulations?
- Fly it within visual line of sight
- Never over populated areas
- Ensure maximum flying height of 400 feet (122 metres) above ground level is not crossed
- Users must avoid flying over restricted areas listed on the UAE Drone app
- Only fly the drone during the day, and never at night
- Should have a live feed of the drone flight
- Drones must weigh 5 kg or less
UAE and Russia in numbers
UAE-Russia ties stretch back 48 years
Trade between the UAE and Russia reached Dh12.5 bn in 2018
More than 3,000 Russian companies are registered in the UAE
Around 40,000 Russians live in the UAE
The number of Russian tourists travelling to the UAE will increase to 12 percent to reach 1.6 million in 2023
Lexus LX700h specs
Engine: 3.4-litre twin-turbo V6 plus supplementary electric motor
Power: 464hp at 5,200rpm
Torque: 790Nm from 2,000-3,600rpm
Transmission: 10-speed auto
Fuel consumption: 11.7L/100km
On sale: Now
Price: From Dh590,000
Elvis
%3Cp%3E%3Cstrong%3EDirector%3A%3C%2Fstrong%3E%20Baz%20Luhrmann%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStars%3A%3C%2Fstrong%3E%20Austin%20Butler%2C%20Tom%20Hanks%2C%20Olivia%20DeJonge%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%204%2F5%3C%2Fp%3E%0A
The Sky Is Pink
Director: Shonali Bose
Cast: Priyanka Chopra Jonas, Farhan Akhtar, Zaira Wasim, Rohit Saraf
Three stars
The Pope's itinerary
Sunday, February 3, 2019 - Rome to Abu Dhabi
1pm: departure by plane from Rome / Fiumicino to Abu Dhabi
10pm: arrival at Abu Dhabi Presidential Airport
Monday, February 4
12pm: welcome ceremony at the main entrance of the Presidential Palace
12.20pm: visit Abu Dhabi Crown Prince at Presidential Palace
5pm: private meeting with Muslim Council of Elders at Sheikh Zayed Grand Mosque
6.10pm: Inter-religious in the Founder's Memorial
Tuesday, February 5 - Abu Dhabi to Rome
9.15am: private visit to undisclosed cathedral
10.30am: public mass at Zayed Sports City – with a homily by Pope Francis
12.40pm: farewell at Abu Dhabi Presidential Airport
1pm: departure by plane to Rome
5pm: arrival at the Rome / Ciampino International Airport
Results
%3Cp%3E%0D%3Cstrong%3EElite%20men%3C%2Fstrong%3E%0D%3Cbr%3E1.%20Amare%20Hailemichael%20Samson%20(ERI)%202%3A07%3A10%0D%3Cbr%3E2.%20Leornard%20Barsoton%20(KEN)%202%3A09%3A37%0D%3Cbr%3E3.%20Ilham%20Ozbilan%20(TUR)%202%3A10%3A16%0D%3Cbr%3E4.%20Gideon%20Chepkonga%20(KEN)%202%3A11%3A17%0D%3Cbr%3E5.%20Isaac%20Timoi%20(KEN)%202%3A11%3A34%0D%3Cbr%3E%3Cstrong%3EElite%20women%3C%2Fstrong%3E%0D%3Cbr%3E1.%20Brigid%20Kosgei%20(KEN)%202%3A19%3A15%0D%3Cbr%3E2.%20Hawi%20Feysa%20Gejia%20(ETH)%202%3A24%3A03%0D%3Cbr%3E3.%20Sintayehu%20Dessi%20(ETH)%202%3A25%3A36%0D%3Cbr%3E4.%20Aurelia%20Kiptui%20(KEN)%202%3A28%3A59%0D%3Cbr%3E5.%20Emily%20Kipchumba%20(KEN)%202%3A29%3A52%3C%2Fp%3E%0A
Types of fraud
Phishing: Fraudsters send an unsolicited email that appears to be from a financial institution or online retailer. The hoax email requests that you provide sensitive information, often by clicking on to a link leading to a fake website.
Smishing: The SMS equivalent of phishing. Fraudsters falsify the telephone number through “text spoofing,” so that it appears to be a genuine text from the bank.
Vishing: The telephone equivalent of phishing and smishing. Fraudsters may pose as bank staff, police or government officials. They may persuade the consumer to transfer money or divulge personal information.
SIM swap: Fraudsters duplicate the SIM of your mobile number without your knowledge or authorisation, allowing them to conduct financial transactions with your bank.
Identity theft: Someone illegally obtains your confidential information, through various ways, such as theft of your wallet, bank and utility bill statements, computer intrusion and social networks.
Prize scams: Fraudsters claiming to be authorised representatives from well-known organisations (such as Etisalat, du, Dubai Shopping Festival, Expo2020, Lulu Hypermarket etc) contact victims to tell them they have won a cash prize and request them to share confidential banking details to transfer the prize money.
* Nada El Sawy
The specs: 2018 Volkswagen Teramont
Price, base / as tested Dh137,000 / Dh189,950
Engine 3.6-litre V6
Gearbox Eight-speed automatic
Power 280hp @ 6,200rpm
Torque 360Nm @ 2,750rpm
Fuel economy, combined 11.7L / 100km
SHAITTAN
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EVikas%20Bahl%3Cbr%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3EAjay%20Devgn%2C%20R.%20Madhavan%2C%20Jyothika%2C%20Janaki%20Bodiwala%3Cbr%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E3%2F5%3C%2Fp%3E%0A
'The worst thing you can eat'
Trans fat is typically found in fried and baked goods, but you may be consuming more than you think.
Powdered coffee creamer, microwave popcorn and virtually anything processed with a crust is likely to contain it, as this guide from Mayo Clinic outlines:
Baked goods - Most cakes, cookies, pie crusts and crackers contain shortening, which is usually made from partially hydrogenated vegetable oil. Ready-made frosting is another source of trans fat.
Snacks - Potato, corn and tortilla chips often contain trans fat. And while popcorn can be a healthy snack, many types of packaged or microwave popcorn use trans fat to help cook or flavour the popcorn.
Fried food - Foods that require deep frying — french fries, doughnuts and fried chicken — can contain trans fat from the oil used in the cooking process.
Refrigerator dough - Products such as canned biscuits and cinnamon rolls often contain trans fat, as do frozen pizza crusts.
Creamer and margarine - Nondairy coffee creamer and stick margarines also may contain partially hydrogenated vegetable oils.
Innotech Profile
Date started: 2013
Founder/CEO: Othman Al Mandhari
Based: Muscat, Oman
Sector: Additive manufacturing, 3D printing technologies
Size: 15 full-time employees
Stage: Seed stage and seeking Series A round of financing
Investors: Oman Technology Fund from 2017 to 2019, exited through an agreement with a new investor to secure new funding that it under negotiation right now.
The specs
Engine: 3.0-litre six-cylinder turbo
Power: 398hp from 5,250rpm
Torque: 580Nm at 1,900-4,800rpm
Transmission: Eight-speed auto
Fuel economy, combined: 6.5L/100km
On sale: December
Price: From Dh330,000 (estimate)
The Africa Institute 101
Housed on the same site as the original Africa Hall, which first hosted an Arab-African Symposium in 1976, the newly renovated building will be home to a think tank and postgraduate studies hub (it will offer master’s and PhD programmes). The centre will focus on both the historical and contemporary links between Africa and the Gulf, and will serve as a meeting place for conferences, symposia, lectures, film screenings, plays, musical performances and more. In fact, today it is hosting a symposium – 5-plus-1: Rethinking Abstraction that will look at the six decades of Frank Bowling’s career, as well as those of his contemporaries that invested social, cultural and personal meaning into abstraction.
UAE currency: the story behind the money in your pockets
