Russia’s military began sending large numbers of weapons and troops into Belarus in late January. The official purpose of the movement was a joint military exercise, but Belarus, which has a 1,050km border with Ukraine and a government closely aligned with Moscow, was also a logical staging point for Russian president Vladimir Putin to carry out an invasion.
Several days after the troops arrived weird things started happening to the computer systems that ran the Belarus national railway system, which the Russian military was using as part of its mobilisation.
Passengers gathered on train platforms near Minsk, the capital, watched as information screens flickered and normal messaging was replaced by garbled text and an error message. Malfunctioning ticket systems led to long lines and delays as damaged software systems caused trains to grind to a halt in several cities, according to railway employees and posts that circulated on Belarusian social media.
The cause of the delays was a ransomware attack in which hackers had encrypted crucial files on
the railway’s computer systems, rendering them inoperable. The perpetrators of such attacks usually demand money in exchange for unlocking the seized files.
But the assailants in this case — a group of hackers identifying themselves as the Cyber Partisans — said they would provide the key to unlock the computers only if Russian troops left Belarus and the Belarusian government freed certain political prisoners.
The authoritarian government of Alexander Lukashenko was well aware of the Cyber Partisans, who’d become a key part of an opposition movement openly trying to overthrow his government.
Lukashenko’s opponents started by breaking into the websites of the government and state news agencies, a form of politically motivated hacking with a long history. Since then, they’ve begun to branch into cyberattacks that result in physical damage, a tactic traditionally seen as the domain of state-sponsored agents.
The result is beginning to look like a new model for revolutionary groups seeking to wage asymmetrical warfare, says Gabriella Coleman, a Harvard professor and an expert on hacking culture.
“They are really innovating in a way I have not seen before,” she says of the Cyber Partisans.
In the purest sense, the cyberattack on the train system didn’t succeed. Russian troops didn’t leave the country, and Belarus didn’t free the political prisoners.
But the train system remains impaired.
The operation also signalled a major escalation in what had been a domestic conflict. The Belarusian dissidents now see a single, broader struggle against both Lukashenko and Putin and have begun to join forces with an informal and chaotic global coalition of pro-Ukraine hackers.
These groups have targeted dozens of Russian government agencies, dumping huge troves of stolen emails and documents online.
Aliaksandr Azarau, a former Minsk police chief, arrived at a cafe near Warsaw’s central rail station one day in mid-March to tell the story of how he joined what he considers a war against Lukashenko’s government.
In March, Lukashenko expounded on the danger of cyberattacks: