The most successful cyber-attack in the history of Belarus, involving entry to the regime’s most secret and sensitive data vaults, has been revealed by a group calling itself Belarusian Сyberpartisans. The scale of the hack is unprecedented.
Hitherto known for pinprick attacks on the state structures of Aliaksandr Lukashenka’s regime, the group announced its hack late last month.
Cyberpartisans accessed enormous amounts of data from archives across Belarus. It downloaded material from sections of the AIS Pasport (АИС Паспорт) database, which contains all personal details of every Belarusian citizen including passport photos, home address, and place of work. Most damagingly, AIS Pasport also included the restricted section containing information about KGB and other special services employees. As proof, the group published information on senior KGB officers, as well as those of the deposed Kyrgyz President Kurmanbek Bakiyev, who has been hiding in Belarus for the past decade. Cyberpartisans, whose members and location are not known, passed the material to Belarusian journalists, who confirmed the authenticity of the database.
The regime has made no admission about these events. However, on 12 July, the Belarusian Interior Ministry issued a statement explaining that many of its services had failed “due to the abnormal heatwave,” and it would take at least a week to restore their operation. From 8-16 July, many Interior Ministry services had been inaccessible, including car registration and fine payment services. While the government statements were untrue, they did nonetheless inspire the cyberhackers to name their digital break-in Operation Heatwave.
The hack went still further, capturing data from the AIS GAI-Centr (АИС ГАИ-Центр) database used by traffic police, downloading everything including details of every vehicle and its owner, pictures of all driver licenses, information about fines, violations, special vehicles used by police and secret services and much more.
Cyberpartisans also downloaded the last 10 years of emergency calls, containing all personal details of regime informers who reported on co-workers and neighbors for organizing local gatherings, displaying the old Belarusian white-red-white flag and similar crimes against the regime.
And perhaps most importantly Cyberpartisans downloaded terabytes of tapped phone calls of the entire security apparatus – from an ordinary police officer in a remote town to the Interior Minister himself, and even KGB handlers talking to their sources.
The group also claimed it had hacked into all speed and surveillance cameras across the country and suspended over 125,000 fines. This fits with the group’s early modus operandi last year when it took control of Belarusian state TV websites and replaced the live transmission with footage of police brutality.
In addition, the hackers entered the Interior Ministry’s personnel department files and took possession of every employee’s personal data and work history, including details of any disciplinary or criminal offenses committed.
What might emerge from this mountain of material is hard to know, but it could be very significant based on early indications. Belarusian journalists reviewing AIS Pasport have already been able to prove that during the covid-19 pandemic Belarusian authorities failed to report over 32,000 deaths – 17 times more than official statistics suggest.
There are of course valid concerns about this volume of private information in the hands of hackers. The only safeguard is in the hackers’ professed ethics. Cyberpartisans said: “All the data obtained will only be used for deanonymization of regime accomplices, ordinary people have nothing to fear. We have better data protection [than the regime], and after our victory, we will delete everything.”