Hacktivists say they hacked Belarus rail system to stop Russian military buildup



Servicemen of Russia's Eastern Military District units attend a welcoming ceremony as they arrive in Belarus to take part in joint military exercises. Russia's military is using train travel as a means of transportation.

If Alexander Lukashenko stopped aiding Russian troops ahead of a possible invasion of Ukraine, the hacktivists would give the key to the network of the country's state-run railroad system.

A group calling itself Cyber Partisans wrote about the railway.

> BelZhD, at the command of the terrorist Lukashenko, allows the occupying troops to enter our land. In order to disrupt the operation of the road, the bulk of the server, databases, and workstations of the BelZhD were locked down. The backups were destroyed.
>
> Dozens of databases have been attacked, including AS-Sledd.
>
> Automation and security systems were not affected by a cyber attack in order to avoid emergency situations.

The group announced the attack on social media.

> We have the keys to return the Railroad's systems to normal mode. 50 political prisoners who are most in need of medical assistance should be released.
>
> There is a plan to prevent the presence of Russian troops on the territory of Belarus.

The Cyber-Partisans are from the state of Belarus.

A representative from the group said in a direct message that the Peklo cyber campaign targets specific entities and government-run companies with the goal of pressuring the Belarus government to release political prisoners and stop Russian troops from entering Belarus to use its ground for the attacks on Ukraine.

Thousands of political prisoners are still being kept by the government, according to the representative. The main goal is to overthrow Lukashenko's regime, keep the sovereignty and build a democratic state with the rule of law, independent institutions and protection of human rights.

The images posted by the group appear to show hackers inside the private network of the railway.

Several services on the railway's website were unavailable when this post went live. The following message was returned when online ticket purchases weren't working.

> ATTENTION PASSENGERS!
>
> The web-resources of the Belarusian Railways and services for issuing electronic travel documents are temporarily unavailable for technical reasons. If you need to arrange travel or return electronic travel documents, please contact the ticket office. The performance of the systems is being restored. The Belarusian Railways apologized for the hassle they caused.

The representative said that freight trains were affected by the cyberattack.

Russia has been sending military equipment and personnel by rail into Belarus, which shares a border with Ukraine, according to reports. The worker group said at the time that it expected a large number of echelons to arrive in the coming days.

The Washington Post reported on Monday that the Defense Ministry of the country reported that Russian troops were in the country. There was video on social media Monday showing Russian military convoys and trains moving across Russia.

A tool for people who are not well known.

The images provided appeared to confirm someone gained privileged access to the network of the Belarus Railway.

He said in an interview that it was an interesting turn in the narrative. Most of the time, we think of ransomware as a financial concern for enterprises, and not as a tool for the less well-off in what amounts to a revolutionary struggle.

The Cyber Partisans representative said it was easy to access the railway network.

A representative said that the network is not well isolated from the internet. Cyber partisans opened many other entry points from within.

The post changed "divisions" to "echelons".