Belarusian military linked to hacking and disinformation campaigns targeting regime critics | Science & Tech News | #cybersecurity | #cyberattack


The Belarusian military is linked to hacking and disinformation campaigns which targeted the regime’s critics, including dissidents and foreign governments, new research has found.

Several individuals who were targeted before last year’s disputed election were afterwards arrested by the Belarus government, according to cyber security company Mandiant.

Mandiant explained that “sensitively sourced technical evidence” located the operation in Minsk and linked individual operators behind it to the Belarusian government.

What is causing the migrant crisis at the Belarus-Poland border?

EXPLAINER

The Mandiant report, assessing that Belarus has for several years been engaged in hostile activities targeting NATO-aligned neighbours with whom it shares a border, is released amid growing tensions in the region.

Thousands of migrants are enduring freezing conditions at the border with Poland where last weekend another body was discovered in woodland, bringing the death toll to at least nine.

The migrant crisis began after President Alexander Lukashenko allegedly offered migrants tourist visas to fly into Belarus, before encouraging them to then illegally enter neighbouring countries on foot.

The move has been described as Mr Lukashenko taking revenge on the European Union for sanctions imposed after the regime cracked down on protests following a disputed election last year.

International parties have condemned what NATO described as “the continued instrumentalisation of irregular migration artificially created by Belarus as part of hybrid actions targeted against Poland, Lithuania, and Latvia for political purposes”.

“These callous actions endanger the lives of vulnerable people,” NATO stated, while the EU accused Mr Lukashenko of gangster-style behaviour and imposed new sanctions.

Please use Chrome browser for a more accessible video player


Europe to widen Belarus sanctions over migrant crisis

Before the 2020 election the disinformation campaign had mainly focused on spreading negative stories about NATO’s presence in countries bordering Belarus, according to Mandiant.

These narratives made false allegations about the deployment of nuclear weapons in these countries and about NATO troops committing crimes or spreading COVID-19.

But following the elections last August, Mandiant says the information operations have attempted to allege corruption particularly within the ruling parties in Lithuania and Poland, whose governments strongly condemned Mr Lukashenko’s crackdown on demonstrators.

Image:
Belarus has been sanctioned following a disputed election last year. File photo of Interior Ministry servicemen: Reuters

Benjamin Read, director of cyber espionage analysis at Mandiant, told Sky News: “They compromised a local Polish municipality and put up a news story that a priest had been murdered by a migrant who they claimed was an Iraqi national and who had been in Lithuania and snuck into Poland.

“[But] the priest was still alive – people called him and he was still alive – so it wasn’t necessarily very effective. But we’ve seen them weaponise narratives around migration and migrants… we’ve seen that in Poland, in Polish.”

That particular information operation, playing on fears regarding migrants, “parallels what they’re doing now, rather horrifically, in the real world,” added Mr Read.

Mandiant has also identified how Belarusian dissidents, media entities, and journalists were among those targeted by the espionage campaign, due to domains which the hackers set up to harvest their credentials and then log in to their email accounts.

Alongside these domestic targets were wide variety of government and private sector entities in Ukraine, Lithuania, Latvia, Poland, and Germany – although the researchers note that Estonia, which is a regional NATO member but one which doesn’t border Belarus, did not appear to have been targeted in the same fashion.

The most important technique to defend against this kind of hacking is using two-factor authentication (2FA) for email and social media accounts, said Mr Read.

Follow the Daily podcast on Apple Podcasts, Google Podcasts, Spotify, Spreaker

It was also important to be cautious whenever receiving alerts claiming that your account had been accessed and encouraging you to reset your password, as this is one of the most common method that hackers use to steal credentials.

He said that hardware authentication devices such as YubiKeys offer the best protection, as even if the hackers managed to trick the victim into revealing their username and password in a phishing attack they would still need to physically capture the USB device too.



Original Source link

Posted in Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

forty six + = 51