This is a first convincing example of politically motivated ransomware. Since Monday, a group of hackers has claimed to have encrypted the servers of Belarusian Railway, the Belarusian equivalent of the SNCF. “At the orders of the terrorist Lukashenko, the Belarusian Railway allows occupation troops to enter our territory. We encrypted some of their servers, databases and computers in order to disrupt their operations,” the Cyber Partisans explained on Twitter. “The train and safety systems are not affected in order to avoid emergency situations,” they specify.
Instead of demanding a ransom in cryptocurrency as cybercriminals do, the hackers are demanding, in exchange for the decryption keys to the computer systems, the release of 50 political prisoners arrested during the fall 2020 protests against the authoritarian rule of Alexander Lukashenko.
They also demand that the government block the deployment of Russian troops in the country.
Russia has announced a major exercise in Belarus from February 9, for which it is moving in all kinds of military equipment, combat aircraft and anti-aircraft missiles.
Quoted by Bloomberg, the spokesperson for the Cyber Partisans, Yuliana Shemetovets, says that this cyberattack "aims to slow down the traffic of passenger trains with the consequent impact on the rail transport of the Russian military".
After showing connection problems, the official website of Belarusian Railway was back to normal on Tuesday.
A notice to passengers, however, indicates that “for technical reasons, the services for issuing electronic travel documents are temporarily unavailable”.
It adds: “work is in progress to restore the performance of the systems”.