Hackers shut down Belarus train network with ransomware
Activist hackers have shut down the IT systems of Belarusian Railways. With the ransomware attack, they are targeting the transport of Russian soldiers to Ukraine and demanding the release of political prisoners.
Control over the track
The so-called hacktivists call themselves the Belarusian Cyber-Partisans (BCP) and provide insight into the attack through their Telegram channel. Their screenshots show how they handle Windows 7 systems and how they format a 10-terabyte backup disk. BCP says it has had access to all systems of the train network since December. It is the first time that a ransomware attack has been deployed in such a way.
The demands of the Cyber-Partisans
The BCP consists of a group of 20 to 30 Belarusian IT people who wanted to oppose the current Belarusian president Lukashenko after the unfair elections of 2020. They label Lukashenko a terrorist and will only hand over control of the systems if the president complies with their demands. The group demands:
The immediate release of 50 political prisoners in need of urgent medical care.
The departure of Russian troops from Belarusian territory.
The hackers say that they do not want to disrupt train traffic for ordinary citizens and are working on a solution to make online ticket sales possible again. The group has also deliberately left important automated and security systems alone, in order to prevent emergencies and accidents.
We have encryption keys, and we are ready to return Belarusian Railroad’s systems to normal mode. Our