Cyber Partisans hacktivists claim credit for cyberattack on Belarusian Railways
Image: Florian Krumm
Andrea Peterson January 24, 2022

Cyber Partisans hacktivists claim credit for cyberattack on Belarusian Railways

Andrea Peterson

January 24, 2022

Cyber Partisans hacktivists claim credit for cyberattack on Belarusian Railways

A hacktivist group known as the Cyber Partisans is claiming credit for disruptions of networks and databases related to the national rail system in Belarus Monday as tensions mount in Eastern Europe. 

The Cyber Partisans are part of a recent resurgence of activists using digital means for digital protest and action–at times turning the tools of oppressive surveillance states against themselves. 

The group posted messages to Twitter and Telegram channels promoting their alleged digital sabotage of Belarusian Railways, making specific demands regarding the release of political prisoners and preventing the use of transportation infrastructure to support Russian troop movements. 

The group tweeted it “encrypted some of [Belarusian Railways’] servers, databases and workstations to disrupt its operations,” but did not attack “automation and security systems” due to safety concerns. The group also made posts claiming to show data on a Telegram channel. 

A post to the rail service’s website appears to confirm technical difficulties—warning passengers that online resources and systems related to issuing electronic tickets are not operational. However, the exact nature of the disruption and how long it may last is still unclear. 

Belarusian Railways and Cyber Partisans did not immediately respond to a request for further comment. Rail is a major method of freight transit in Belarus, with the service itself reporting moving 1.245 million containers worth of shipments around the country in 2021. News reports suggest that the system is being used to support Russian efforts to build up troops and military equipment near Ukraine. 

Cyber Partisans rose to prominence last summer after a series of cyberattacks involving the siphoning and release of records and documents related to government abuse and corruption in an apparent bid to topple Belarus’s long-standing dictator, Alexander Lukashenko.

A spokesperson for the group told Bloomberg at the time that the group consisted of around 15 people, a handful of whom did actual hackings of the system, with the others providing support. 

Lukashenko is politically aligned with Russia and the country he controls shares a border with Ukraine, which has also been the site of recent cyber operations involving apparent use of ransomware-style tactics to disrupt systems.

Andrea (they/them) is senior policy correspondent at The Record and a longtime cybersecurity journalist who cut their teeth covering technology policy ThinkProgress (RIP), then The Washington Post from 2013 through 2016, before doing deep dive public records investigations at the Project on Government Oversight and American Oversight. Their work has also been published at Slate, Politico, The Daily Beast, Ars Technica, Protocol, and other outlets. Peterson also produces independent creative projects under their Plain Great Productions brand and can generally be found online as kansasalps.