Кіберпартызаны | |
 Telegram group logo | |
| Formation | September 2020 |
|---|---|
| Type | anonymoushacktivistcollective |
| Purpose |
|
Region served | Belarus |
| Website | t |
Cyber Partisans (Belarusian:Кіберпартызаны,romanized: Kiberpartyzany,Russian:Киберпартизаны,romanized: Kiberpartizany) is aBelarusiandecentralized anonymoushacktivist collective that emerged in September 2020, known for itscyber attacks against the governments of Belarus andRussia. The group is part of the broaderBelarusian opposition movement.
Cyber Partisans consists of a group of BelarusianIT workers wholive abroad.[1] In an August 2021 interview to Bloomberg, hackers shared some details about themselves: they are 15 people, none of whom are professional hackers; of them, only 3 or 4 perform the hacks, others deal with the analysis of obtained data; and some group members werepenetration testers before joining the group.[2][3] Members are anonymous even to each other.[4] The group describes its activities asethical hacking, as it goes only against the state and do not harm to ordinary citizens.[2][3][5] In late January 2022, the group reportedly consisted of some 30 people.[5] Its spokesperson, Yuliana Shemetovets, is based inNew York.[6][7]
An anonymous spokesperson for the group told in an interview toMIT Technology Review: "What we want is to stop the violence and repression from the terroristic regime in Belarus and to bring the country back to democratic principles andrule of law."[3] In 2021 and 2022, the group affirmed that it was not collaborating with any foreign government, but "we are not against it, as long as it aligns with our depicted goals, to change the regime."[6]
The Cyber Partisans originated in September 2020 after the2020 Belarusian presidential election andsubsequent protests against its falsification byAlexander Lukashenko. The protests were brutally suppressed by the government's police and security forces.[8][2]
Initially, actions by the group were symbolic: group members hacked state news websites (All-National TV,Belarus-1) and streamed videos showing scenes of police brutality, and inserted the names of Lukashenko and theminister of Internal Affairs,Yury Karayeu, to a policemost wanted list.[9] The group also hacked government websites to add thewhite-red-white flag, which is favored by the Belarusian dissidents, over theofficial red and green flag of the country.[8][2]
Cyber Partisans work together with theBYPOL group, which consists of former Belarusian police officers working against Lukashenko's government. Their knowledge of database structure helps to plan and execute the Partisans' moves.[8][2]
In July 2021, Cyber Partisanscracked the Ministry of Internal Affairs' most sensitive databases. The group obtained a large volume of material, includes the archive of almost 2 million minutes of secretly recorded phone conversation audio; lists of alleged police informants; personal information about top government officials; and video footage gathered from police drones and detention centers. The group also obtained the databases forpassports, all registered motor vehicles, recordings from the cameras in theOkrestina prison's isolation cells, and mortality statistics. The group shared these data with the journalists who calculated theexcess mortality during theCOVID-19 pandemic in Belarus. They concluded that from March 2020 to March 2021, this figure was 32,000 people, 14.4 times more than the authorities reported.[10][8] The group published passport data of Lukashenko and his sons to prove that they really hacked that database. The authenticity of the data was also demonstrated by data on journalists fromCurrent Time TV, which the Partisans provided to Current Time at the outlet's request to prove the veracity of the leak.[10]
During the2022 Russian invasion of Ukraine, Cyber Partisans was one of three main Belarusian dissident groups that worked to stymie theBelarusian involvement in the Russian invasion, specifically by targeting railroad supply lines. (The other groups were Belarusian railway workers and defectors from the government's security forces).[1] Cyber Partisans launched the first attack on the railway's systemsin late January 2022, in the days immediately before the invasion slowing the movement of Russian troops before they had crossed the border.[1] The group said that it had penetrated theBelarusian Railway's network system the previous month, in December 2021.[6] A spokesperson for Cyber Partisans said that the railway company's system was vulnerable and ran on an outdatedWindows XPoperating system.[1] The group used a modified form ofransomware to paralyze the railway system, saying that it would return to computer network to normal if the Belarusian government released 50political prisoners in need of medical treatment and stopped Russian forces from entering Belarus.[1][5] Partisans cracked and encrypted internal databases of the railway.[4] The group targetedfreight rail to disrupt Russian military movements and cargo bound for China; the group said that it deliberately avoided affectingpassenger rail.[6]
The group also obtained access to a database of all border crossing records. To prove it, one of the group members provided aGuardian journalist "a full list of his travel records to Belarus going back to 2016".[4] Cyber Partisans provided the border entry and exit data to theinvestigative journalism groupBellingcat.[6]
In February 2023 the group revealed that they cracked intoRoscomnadzor, Russian internet censorship agency. The attack disrupted the internal network of the organization. The crackers obtained between 1.2 and 2 Terabytes of data including 1.5 million emails and 200 thousand of internal documents. Cyber Partisans gave the data to journalists, includingMediazona andSüddeutsche Zeitung.[11][12]
In July 2023, the group claimed that they attacked theBelarusian State University (BSU) and got 3 terabytes of data, encrypted and wiped the university's servers. BSU officials denied the fact of attack, though their website was down for several days. The reason of the attack was explained in a tweet:[13]
We started working on this attack 2 months ago after BSU posted a video with a student who was humiliated & forced to apologize. Since 2020 many students were detained and staff let go for political positions
According to Yuliana Shametavets (Russian:Юлиана Шеметовец) on 26 April 2024, Cyberpartisans stated on their website that they had penetrated theBelarus KGB computer network in fall 2023 accessing the files of 8,600 Belarus KGB employees and that, beginning in February 2024, Cyber Partisans had suppressed the Belarus KGB computer network for at least two months and that this "was a response" to the Belarus KGB chiefIvan Tertel because "The KGB is carrying out the largest political repressions in the history of the country and must answer for it" and added that "We work to save the lives of Belarusians, and not to destroy them, like the repressive Belarusian special services do."[14][15][16][17][18][19]
In July 2025, Cyber Partisans, together with the Ukrainian hacker groupSilent Crow, hacked the Russian state airlineAeroflot IT infrastructure. The groups obtained passengers' personal data and caused delays and cancellations of multiple flight.[20][21][22]
In a speech on state TV in July 2021, head of theBelarusian KGB Ivan Tertel blamed "foreign special services" for cyberattacks on government targets.[2]
In 2021, the Belarusian government (through the Belarusian Supreme Court and Ministry of Internal Affairs) declared the information resources Cyber-Partizans, its subsidiary project Cyber-Leaks, and all theirTelegram channels to be an "extremist" group and a terrorist organization.[23][24] Creating or participating in such a group is a crime in Belarus.[25]
AnthropologistGabriella Coleman, a professor atMcGill University and an expert on hacktivism and theAnonymous, commented to Bloomberg: "I don't think there are a lot of parallels to this, that they are so sophisticated and are attacking on multiple levels, it's not something I've seen before except in the movies."[2]
According to associate professor Tetyana Lokot ofDublin City University, who specializes in protest and digital rights issues in Eastern Europe, "If ever Lukashenko ends up facing prosecution in theInternational Criminal Court, for example, these records are going to be incredibly important."[2]
The group was praised by theBelarusian opposition, includingFranak Viačorka, a senior adviser to exiled opposition leaderSviatlana Tsikhanouskaya.[5]Andrei Sannikov, a former Belarusian diplomat and a candidate at the2010 presidential election in Belarus, in an interview toMIT Technology Review said that "They’re making the regime's crimes transparent. The information they're getting by hacking the state really is very eloquent in witnessing the criminal activities of the regime against the citizens."[3]
The group was the subject of theBBCRadio 4 seriesDigital Human episode that aired in March 2022.[26]
{{cite news}}: CS1 maint: multiple names: authors list (link)