Cyber Partisans

Cyber Partisans (Belarusian: ''кіберпартызаны'', Russian: ''киберпартизаны'') is a Belarusian decentralized anonymous activist/hacktivist collective emerged in September 2020, known for its various cyber attacks against the authoritarian Belarusian government. The group is part of the broader Belarusian opposition movement.

Membership and aims

Cyber Partisans consists of a group of Belarusian IT workers who live abroad.Liz Sly
The Belarusian railway workers who helped thwart Russia's attack on Kyiv
''Washington Post'' (April 23, 2022). In an August 2021 interview to Bloomberg, hackers shared some details about themselves: they are 15 people, none of whom are professional hackers; of them, only 3 or 4 perform the hacks, others deal with the analysis of obtained data; and some group members were penetration testers before joining the group. Members are anonymous even to each other. The group describes its activities as ethical hacking, as it goes only against the state and do not harm to ordinary citizens.Ryan Gallagher
'Cyber Partisans' Say They Hacked Belarus Rail to Disrupt Russian Troops
, Bloomberg (January 24, 2022). In late January 2022, the group reportedly consisted of some 30 people. Its spokesperson, Yuliana Shemetovets, is based in New York.
Frank Bajak
Belarus hacktivists target railway in anti-Russia effort
, Associated Press (January 24, 2022).

An anonymous spokesperson for the group told in an interview to '' MIT Technology Review'': "What we want is to stop the violence and repression from the terroristic regime in Belarus and to bring the country back to democratic principles and rule of law." In 2021 and 2022, the group affirmed that it was not collaborating with any foreign government, but "we are not against it, as long as it aligns with our depicted goals, to change the regime."

History and actions

The Cyber Partisans originated in September 2020 after the 2020 Belarusian presidential election and subsequent protests against its falsification by Alexander Lukashenko. The protests were brutally suppressed by the government's police and security forces.

Initially, actions by the group were symbolic: group members hacked state news websites (All-National TV, Belarus-1) and streamed videos showing scenes of police brutality, and inserted the names of Lukashenko and the minister of Internal Affairs, Yury Karayeu, to a police most wanted list. The group also hacked government websites to add the white-red-white flag, which is favored by the Belarusian dissidents, over the official red and green flag of the country.

Cyber Partisans work together with the BYPOL group, which consists of former Belarusian police officers working against Lukashenko's government. Their knowledge of database structure helps to plan and execute the Partisans' moves.

In July 2021, Cyber Partisans hacked the Ministry of Internal Affairs' most sensitive databases. The group obtained a large volume of material, includes the archive of almost 2 million minutes of secretly recorded phone conversation audio; lists of alleged police informants; personal information about top government officials; and video footage gathered from police drones and detention centers. The group also obtained the databases for passports, all registered motor vehicles, recordings from the cameras in the Okrestina prison's isolation cells, and mortality statistics. The group shared these data with the journalists who calculated the excess mortality during the COVID-19 pandemic in Belarus. They concluded that from March 2020 to March 2021, this figure was 32,000 people, 14.4 times more than the authorities reported. The group published passport data of Lukashenko and his sons to prove that they really hacked that database. The authenticity of the data was also demonstrated by data on journalists from Current Time TV, which the Partisans provided to Current Time at the outlet's request to prove the veracity of the leak.

During the 2022 Russian invasion of Ukraine, Cyber Partisans was one of three main Belarusian dissident groups that worked to stymie the Belarusian involvement in the Russian invasion, specifically by targeting railroad supply lines. (The other groups were Belarusian railway workers and defectors from the government's security forces).Liz Sly
The Belarusian railway workers who helped thwart Russia's attack on Kyiv
''Washington Post'' (April 23, 2022). Cyber Partisans launched the first attack on the railway's systems in late January 2022, in the days immediately before the invasion slowing the movement of Russian troops before they had crossed the border. The group said that it had penetrated the Belarusian Railway's network system the previous month, in December 2021. A spokesperson for Cyber Partisans said that the railway company's system was vulnerable and ran on an outdated Windows XP operating system. The group used a modified form of ransomware to paralyze the railway system, saying that it would return to computer network to normal if the Belarusian government released 50 political prisoners in need of medical treatment and stopped Russian forces from entering Belarus. Partisans hacked and encrypted internal databases of the railway. The group targeted freight rail to disrupt Russian military movements and cargo bound for China; the group said that it deliberately avoided affecting passenger rail.

The group also obtained access to a database of all border crossing records. To prove it, one of the group members provided a ''Guardian'' journalist "a full list of his travel records to Belarus going back to 2016". Cyber Partisans provided the border entry and exit data to the independent investigative journalism group Bellingcat.

Response from Lukashenko regime

In a speech on state TV in July 2021, head of the Belarusian KGB Ivan Tertel blamed "foreign special services" for cyberattacks on government targets.

In 2021, the Belarusian government (through the Belarusian Supreme Court and Ministry of Internal Affairs) declared the information resources Cyber-Partizans, its subsidiary project Cyber-Leaks, and all their Telegram channels to be "extremist" organisations. Creating or participating in such a group is a crime in Belarus.

Reactions and analysis

Anthropologist Gabriella Coleman, a professor at McGill University and an expert on hacktivism and the Anonymous, commented to Bloomberg: “I don't think there are a lot of parallels to this, that they are so sophisticated and are attacking on multiple levels, it’s not something I’ve seen before except in the movies.”

According to associate professor Tetyana Lokot of Dublin City University, who specializes in protest and digital rights issues in Eastern Europe, “If ever Lukashenko ends up facing prosecution in the International Criminal Court, for example, these records are going to be incredibly important.”

The group has been praised by the Belarusian opposition, including Franak Viačorka, a senior adviser to exiled opposition leader Sviatlana Tsikhanouskaya. Andrei Sannikov, a former Belarusian diplomat and a candidate at the 2010 presidential election in Belarus, in an interview to ''MIT Technology Review'' said that "They’re making the regime’s crimes transparent. The information they’re getting by hacking the state really is very eloquent in witnessing the criminal activities of the regime against the citizens."

The group was the subject of the BBC Radio 4 series ''Digital Human'' episode that aired in March 2022.

References

External links

*Gallagher, Rya
''A Ragtag Band of Hackers Is Waging Cyberwar on Putin’s Supply Lines''
'' Bloomberg'' (June 15, 2022)
{{Belarusian democracy movement
2020–2021 Belarusian protests
Belarusian opposition
Hacker groups
Resistance during the 2022 Russian invasion of Ukraine