“Sabotage, resistance, silence — this is about us,” says the Belarusian hacktivist group calling themselves the Cyber Partisans.
Hacktivists are on the rise once again — and not the Guy Fawkes mask wearing group known as Anonymous. It’s the Cyber Partisans, a resistance group that is moved by the fire of activism, in the spirit of vigilantism as they are locked in a battle against the powers of Belarus for the liberation of the people.
National unrest ignited in Belarus in the wake of the 2020 presidential election after President Alexander Lukashenko sought a sixth consecutive term since first taking office 26 years ago. He is being called “Europe’s longest serving dictator,” winning with 80.23% of the vote. Public outcry ensued as citizens believed that the election was rigged.
Lukashenko was secretly sworn in again as the presidency during an unannounced ceremony — an uncharacteristic act since presidential inaugurations are usually planned and publicized in advance as prominent state occasions. Before the elections commenced, opposition candidate Svetlana Tikhanovskaya quickly deserted her home in the wake of her senior staff members being arrested by police.
People spilled out onto the streets in Belarus’s capital Minsk, blocking roads and sometimes chasing police vehicles from the area. The authorities responded by using water cannons and deploying riot police forces.
Protestors clashed with police while they voiced their dispute over the election results. The movement quickly involved tens of thousands of voices marching against the state, which ultimately evolved into a peaceful protest, even though security forces still managed to violently drag people away.
While public political demonstrations in various intensities are quite common in places around the world, and best understood as a vehicle for sending a strong message by disenfranchised citizens, in the grand scheme of things it might sometimes be thought as a passive form of opposition against the iron foreheads of undeterred state powers.
State response: censorship
Imagine glancing at your phone and seeing no Internet connectivity. It happens every once in a while when someone is traveling in a rural area with limited to no network coverage. Reimagine it under a different scenario such as the turn of events described above, but with an additional element: a country wide rolling Internet blackout in addition to a wireless mobile network shut down with most carriers.
On Sunday afternoon Aug. 9, 2020, an Internet blackout ensued across the entire country, which happened simultaneously during the onset of public unrest. Mobile phone coverage also went down.
After a total of 61 hours both networks were restored by Wednesday morning. However, during those long hours large-scale censorship of mainstream social media sites and popular messaging services was ensued.
The Google search engine was also blocked as well as en.wikipedia.org. Telecommunication companies also started blocking access to Virtual Private Network services (VPN), a vital instrument in defeating censorship and protecting data privacy.
In addition, on the DNS server level visit to mainstream social media platforms was also restricted.
When this is put into a certain perspective, deliberate Internet and mobile network blackouts can be an effective way to disrupt communications and prevent people from having the ability to distribute information and mobilize others.
News media outlets with inside information had warned in advance that the government was planning to initiate an Internet blackout during the polls. At first, it was forecasted that the blackouts would only take place in Minsk — not on a nation-wide scale.
“Once they shut down the Internet, it was clear they are hiding something,” Michael Klimarev, executive director at the Internet Protection Society, told CyberNews. He said that the Internet blackout was expected, and that it wasn’t carried out in a professional manner.
Financial help to protestors in the form of Bitcoin
Dedicated protestors oftentimes find themselves in a financial crisis whenever they find themselves in the precarious situation to either help take a stand against the object of their opposition or continue their daily routines such as maintaining employment. Demonstrators can lose their jobs during the pursuit to maintain a constant presence on the streets, which can also financially impact themselves and their dependents. Therefore, stimulus arrived from a neighboring country.
A non-profit organization situated in the Netherlands by the name of the Belarusian Solidarity Fund stepped in and started providing financial assistance to protestors in the form of Bitcoin (BTC).
Founded by Yaroslav Likhachevsky and Alexey Kuzmenkov, the tech entrepreneurs are themselves members of the Belarusian diaspora, who align themselves with the group that believes the presidential elections on Aug. 9 were rigged, the outcome a fraud, and that the police’s violent response to peaceful protestors was unlawful.
The financial assistance is designed to “support everyone who lost their jobs because of their beliefs and wants to live in a free and democratic Belarus,” according to their website.
Not every person is eligible for assistance. There are a set of conditions involved to determine eligibility. For example, in order to qualify for an assistance of 1,500 euros ($1,770) in BTC, applications are required to provide documented proof of having been dismissed from their places of employment, in addition to evidence of participation in the protests. Furthermore, applicants must publicly announce their political alignment.
However, not only did former compatriots provide citizens of Belarus with help, but the situation united people with different backgrounds, including hackers.
While activists can be seized on street corners, and the messages proclaimed by protestors censored on social media, hackers attack from the shadows and dissolve back into the element of obscurity from which they came.
Because oppressive government regimes are dependent upon the same exact data infrastructure as the rest of the world, hacktivists theoretically hold a key advantage over abusive powers whose very existence seems to undermine basic human rights and harm those they are sworn to protect. Therefore, it is a matter of moral fortitude when hacktivist groups arise and help defend the basic freedoms of society, or to try and expose an apparent social injustice.
Cyber attacks on government IT infrastructure
Thus, on Sept. 2, cyber attacks commenced with the group of hacktivists breaking into the main page of the Lukashenko’s administration website, defacing it with a picture of a white-red-white flag — the official standard used by the Belarusian People’s Republic from 1918 to 1919.
The defacement image also contained a doctored picture of Viktar Sheiman, who is head of the Bureau for Presidential Affairs, wearing a ceremonial uniform with his head covered with a manipulated image of Verka Serduchka, the Ukranian comedian and drag state personality.
The next day, on. Sept. 3, the group exploited their way into the website of the Belarusian Ministry of Internal Affairs, where the hackers manipulated the web page by uploading two new alleged criminals to the site’s “Wanted” section: Lukashenko and Yury Karajeau, the Interior Minister. The two profiles also appeared in the list of “missing” persons, with the date of Aug. 9, which was the day following the presidential elections in Belarus, indicating the date of the “disappearance.”
Furthermore, under the column “Additional,” Lukashenko’s section was altered to say: “He is accused of war crimes against the Belarusian people and usurpation of power in the Republic of Belarus.” Under the column “Special Signs” the hackers added: “Severely limps when walking.”
What followed next was the website of the Belarusian Ministry of Internal Affairs being taken offline, causing it to be inaccessible for a period of time.
On Sept. 4, after breaking into the primary web portal used by the police, the website belonging to the Academy of the Ministry of Internal Affairs of the republic was breached, as the threat actors uploaded an archival photograph with young fascists from the era of the Hitler Youth, which they uploaded to the main web page. Next to them stood a photoshopped image of Lukashenko instead of Adolf Hitler, which included a red-green inscription: “Academy of the Ministry of Internal Affairs.”
The hacktivists posted the following message above the image:
“The Academy of the Ministry of Internal Affairs is a school for liars, rapists, and murderers. Interior Ministry officers stained the honor of their uniforms with the blood of beaten and tortured people. If you are innocent, leave the Ministry of Internal Affairs ranks and join the people in the struggle for the freedom of Belarus. After a change of regime, you will be able to return to the department and serve the people, not the dictator!”
Later that same month, the state television online evening broadcast channels Belarus 1 and ONT were penetrated by the cyber vigilantes, where the feed was disrupted and replaced by video footage about the police assaulting protestors.
As of Oct. 1, the Cyber Partisans had launched at least 15 publicly known attacks on Belarus state-owned web resources. Initially, the hackers altered the site’s content in order to promote public awareness, but later decided to tamper tax collection resources, tenders in addition to other web based infrastructure important for the government.
The mission evolved into a movement
BeInCrypto reached out to the Cyber Partisans to further elaborate on the matter. According to the hacktivists, their efforts are a multinational conglomeration, since their attacks against the regime were able to attract the interest of others not domestically situated.
“Specialists are scattered all over the world,” they said. They wouldn’t disclose which countries are involved, stressing the need to maintain anonymity. Here is what they said in regard to their organizational structure:
“Our team was originally centralized. As new teams appeared, this form ceased to be relevant, we can safely say that it is a decentralized structure, since some teams have become isolated and we occasionally contact them. I cannot disclose the formation procedure.”
In one of their interviews, the Cyber Partisans said that they can hack into anything, but everything has a price. It was a curious statement, which gave the impression that their attacks against the current political regime could have been ordered in advance by a third-party entity, perhaps a person, an organization. However, it is not outside the question that they could be acting autonomously. Therefore, they weighed in on this question, saying:
“We are autonomous. Here, first of all, we are talking about the resources spent such as computing power and special equipment. We have not received any orders for hacking, although we tried to offer this service to the public. There has been no response.”
In their Telegram channel, the hackers announced that they had developed malware which targets state banking systems for “the goal to put pressure on the Lukashenko regime.” “To deprive him of the opportunity to sponsor security service agents. Now, we see how rapidly the gold and foreign exchange reserves are drying up. Perhaps there is already nothing there,” they said.
By targeting the monetary resources, the Cyber Partisans hope to isolate the regime from receiving financial support. It appears, as it were, that this is indeed a war being exhausted on all digital fronts.
The group has ostensibly managed to find lots of support from the people of Belarus. It wouldn’t go so far as to say that support has come from many places from people who believe in the goals of the collective. The hacktivists said: “People send us messages of support and encouragement and useful information.”
When asked if there has been any support from people who were or are close to the current government, the Cyber Partisans declined to comment.
Speaking of support, between their own efforts and the help from the public, the hackers have conceived of another angle to help them bring down the current regime: the development of a facial recognition system “aimed at identifying security officials.”
According to the group, this initiative has been joined by IT specialists. Nothing more was said regarding the role the IT specialists would play, but they did explain that the project is still under development and that it hasn’t moved into the testing phase yet.
According to recent studies, facial recognition systems are imperfect and many developers temporarily abandon their production, whereupon the hacktivists stated:
“We just organized a safe development environment and united it into a working group. As for the technical features and efficiency, I cannot give a reasoned answer.”
The hacktivists stressed that this undertaking is a common initiative for the benefit of their society and has not been motivated by any third parties.
As for Lukashenko’s regime, the hackers reported that the government is cooking up a similar initiative of their own, saying: “It is known that a government tracking system is being planned. However, I do not think that the budget will have enough funds to implement this method.”
While at this point the Cyber Partisans’ main objective is to get President Lukashenko to resign from office, BeInCrypto asked them what their ultimate goal is, what they are striving for other than to overthrow the current political system, and they said:
“We are with the people. After the power is changed, the problem of returning IT business to the country will become acute. We are planning to address this issue.”
The coordinated multi-national cyber attacks of this magnitude perpetrated by the Cyber Partisans have gained the attention of world news, and only time will tell whether people and governments will change the way they react to politically motivated cyber attacks of such a level of efficiency, sophistication and social impact.