Hackers Allegedly Attacked Belarus Rail to Slow Movement of Russian Troops

An anonymous group of hackers has infiltrated the systems of the Belarusian rail network to slow down the build-up of the Russian military in the country.  The group called Belarusian Cyber-Partisans has claimed the ransomware attack via its Twitter handle and demanded the release of 50 political prisoners, who need medical assistance. 

Tension in the region has escalated ever since the U.S. has accused Russia of planning to invade Ukraine. The U.S. has moved some troops and promised marine and air support to Ukraine, Al Jazeera reported. While Russia has denied this allegation, reports suggest that it has already moved 100,000 soldiers towards the Ukrainian border with the help of Belarus and its railway infrastructure. 

A Washington Post report states that 33 Russian trains loaded with soldiers and troops have entered Belarus and about 200 such echelons were expected in the coming few days. Russian Ministry of Defense has called this a part of an upcoming military exercise.   

Referring to Belarusian President Alexander Lukashenko, the hacking group tweeted, 

At the command of the terrorist Lukashenka, #Belarusian Railway allows the occupying troops to enter our land. We encrypted some of BR's servers, databases and workstations to disrupt its operations.❗️Automation and security systems were NOT affected to avoid emergency situations

— Belarusian Cyber-Partisans (@cpartisans) January 24, 2022

In communication with Ars Technica, the group also shared some images that appear to be a private network of the Belarus Railway. Ars Technica also confirmed that the ticket booking services were not available on the Railway website, which the administrators have attributed to 'technical reasons.' Cyber-Partisans have also claimed that freight services have also been affected.

The group has made two demands to revert the attack and allow services to resume.  

We have encryption keys, and we are ready to return Belarusian Railroad's systems to normal mode. Our conditions:
? Release of the 50 political prisoners who are most in need of medical assistance.
?Preventing the presence of Russian troops on the territory of #Belarus. https://t.co/QBf0vtcNbK

— Belarusian Cyber-Partisans (@cpartisans) January 24, 2022

While ransomware attacks have become more common, even the Russian government being accused of supporting cybercriminals, this is the first time an attack has not been made with the intention to elicit fiat money or cryptocurrency in return, Ars Technica reported.