a cyberattack on the railway network to slow down Russian forces

Cyberactivists wanted to weaken the Russian forces by attacking the train networks, through which soldiers and equipment arrive.

It would be one of the rare large-scale cyberattacks with a political or even military claim. In Belarus, hackers paralyzed, Monday, January 24, the servers of Belarusian Railroad, the rail network. Their goal: to slow down and disrupt the evolution of the Russian armed forces of Vladimir Putin on the territory, reports Bloomberg. The latter are suspected of preparing an invasion of Ukraine via Belarus, an ally of Russia.

The group of cyber activists is known as Cyber Partisan. Made up of around 30 people, it was formed following the disputed re-election of Belarusian President Alexander Lukashenko in September 2020. Cyber Partisan claimed responsibility for the attack on several social networks, including Twitter and Telegram messaging.

“Under the command of terrorist Lukashenko, Belarusian Railroad allows Russian troops to enter and invade our territory. We have encrypted some of their servers, databases and hardware to disrupt their operations,” the group said on Twitter. However, he specifies that the security systems have not been affected, in order to avoid emergency situations.

“We have the encryption keys, and are ready to get the service back up and running. Here are our terms: the release of the fifty political prisoners most in need of medical assistance, and the banning of Russian troops from entering the territory”, asks Cyber Partisan.

Slow down Russian forces

On Telegram, the group published several images proving their infiltration into the servers of Belarusian Railroad.

Belarusian Railroad server screenshots — Screenshots of Belarusian Railroad servers © Cyber Partisan / Telegram

A spokesperson for the group confirmed to Bloomberg that the main goal was to slow the progress of Russian forces, and not to obtain a ransom, unlike a majority of cyberattacks of this nature.

For several hours on Monday, the railway company’s website displayed a message explaining that certain services, such as buying tickets online, were not working. Everything seems to be back to normal on Tuesday. However, the concrete consequences of the attack are not yet clear.