(Bloomberg) -- A group of Belarusian hackers said on Monday that it had breached computers used by Belarus’s railway network and encrypted data stored on them in an effort to disrupt the movement of Russian troops into the country.
The Cyber Partisans, a network of activist hackers that aims to overthrow Belarusian President Alexander Lukashenko’s regime, said it had targeted state-owned Belarusian Railway and encrypted the majority of the company’s servers, databases and workstations. A spokesman for the group said in an interview with Bloomberg News that the hackers were in the process of destroying a large amount of data held on a backup server.
The group said that it would return the railway network’s computers to normal working mode on condition that Belarus’s government stop Russian troops from entering the territory of Belarus, in addition to releasing 50 political prisoners who are in need of medical care.
Last week, Russia began sending troops to Belarus to stage joint military exercises amid fears of a Russian invasion of neighboring Ukraine. Trains were identified transporting Russian rocket launchers and other equipment in the Belarusian cities of Minsk, Gomel and Rechitsa, according to the Atlantic Council’s Digital Forensic Research Lab.
A website for the Belarusian Railway describes its division in Minsk is “one of the most important strategic hubs for railway transportation between Russia, the Baltic States and Western Europe.”
Representatives for Belarusian Railway didn’t respond to requests for comment. A representative at the Belarus embassy in Washington referred questions to the Ministry of Foreign Affairs, which didn’t immediately respond to a request for comment.
The immediate consequences of the hack weren’t immediately clear. The Belarusian Railway’s website returned a “temporarily unavailable” error message on Monday for people who tried to book tickets for travel.
Franak Viačorka, a senior adviser to exiled Belarusian opposition leader Sviatlana Tsikhanouskaya, described the hack as a “massive action” that could have consequences for Russian troop deployments.
“It could paralyze the railroad infrastructure, which has been used in the last week for transporting Russian military vehicles and soldiers to Belarus territory,” Viačorka said in an interview with Bloomberg News. “We understand why they did it. It sends a very strong message. And the demands from the hackers are directly related to the upcoming military drills.”
The spokesman for the Cyber Partisans said it was too early to discern the consequences of the hack. But the spokesman said the group expected it would likely result in a slowdown of passenger trains, which could in turn affect the movements of trains carrying Russian soldiers and military equipment.
The group had repurposed a kind of ransomware to encrypt the railway network’s computers, the spokesman said. Ransomware is commonly used by criminal hackers to target companies and encrypt their files, with attackers demanding payment in return for a key that can be used to unlock affected data. In this case, however, the hackers’ demand is political in nature.
The Cyber Partisans formed in September 2020, following the disputed election of Lukashenko. The group includes about 30 people, some of whom focus on what the group calls “ethical hacking” of Belarusian government computers.
The hackers have waged an aggressive campaign targeting Belarusian government and police agencies. Last year, they released a data trove that included secret police archives, lists of alleged police informants, personal information about top government officials and spies, video footage gathered from police drones and detention centers and secret recordings of phone calls from a government wiretapping system, Bloomberg News reported.
In November, Belarus’s Supreme Court branded the hackers as terrorists and criminalized “recruitment, assistance and participation” in the group, according to the country’s prosecutor general’s office.
©2022 Bloomberg L.P.