The Washington PostDemocracy Dies in Darkness

How Belarus’s ‘Cyber Partisans’ exposed secrets of Lukashenko’s crackdowns

Demonstrators participate in an anti-government rally on Aug. 18, 2020, in Minsk, Belarus, after an election in which President Alexander Lukashenko claimed victory. The vote was widely denounced in the West as rigged. (Misha Friedman/Getty Images)

A series of hacks on Belarus’s government by pro-democracy activists has uncovered details of apparent abuses by security forces, exposed police informants and collected personal data on top officials including a son of President Alexander Lukashenko.

The vast trove amassed by a group calling itself “Cyber Partisans” appears to be part of one of the biggest and most organized hacks by opposition activists against a government, analysts say.

The records — ranging from tapped phone calls to internal documents — offer a sweeping look at Belarus’s efforts to crush political dissent and could be part of potential future judicial reckonings over jailings and other abuses that have been widely condemned by the West.

The Cyber Partisans, a pro-democracy activist group, provided The Washington Post with drone footage obtained in a hack of the Belarusian security services. (Video: The Washington Post)

Belarus was plunged into crisis last year after the opposition rejected official results in the August presidential election that gave Lukashenko a landslide victory, triggering the biggest protests in the country’s history. Lukashenko, who has ruled since 1994, ordered a harsh crackdown on protesters, and thousands were arrested. Opposition leaders and activists were jailed or fled the country.

Cyber Partisans, a group of about 15 self-taught “hacktivists” who fled Belarus, said it had help from disaffected members of the Belarusian security forces. The hackers claim to have access to more than six terabytes of data, including the entire national passport database and a confidential database of security officials and others such as Lukashenko’s son Viktor.

Belarus’s Lukashenko jailed election rivals and mocked women as unfit to lead. Now one is leading the opposition.

The hacks began when one Cyber Partisan member defaced a single government website last September, but they have snowballed in recent months, with the doxing of regime insiders, security officials and others. (Doxing is the publishing of a person’s private information online.)

The group says it has access to 5.3 million recordings of wiretapped phone calls, including those of top police and security officials, on the servers of the Interior Ministry. The wiretaps were made by a section of the ministry that deals with operational search activities, including the secret bugging of ministry employees, the group said.

'Operation Heat'

The cyber-infiltration, dubbed “Operation Heat,” exposed what appear to be orders from security officials to beat up and terrify peaceful protesters after last year’s presidential election, the results of which were rejected as fraudulent by not only the Belarusian opposition but also the United States and the European Union.

Cyber Partisans gave The Washington Post samples of the hacked wiretaps, including a list of about 10,000 recorded calls and accompanying metadata. The Post could not independently verify the identities of the people on the calls, but no Belarusian official has publicly challenged the authenticity of Cyber Partisans’ posts. At least one top Belarusian security official has acknowledged that opposition groups have waged hacking efforts.

The Interior Ministry and its Minsk department had no comment about the hacktivist attacks or the published recordings of specific calls. The Information Ministry did not respond to a query on whether it could confirm the extent of the hacks.

“I’ve never seen anything like it,” said Gabriella Coleman, an expert on hacking and activism at McGill University in Montreal. “What we’re seeing in Belarus is far more organized, better-executed, has a lot more depth and breadth and impact. In that sense, it’s unique.”

Dmitri Alperovitch, chairman of the Silverado Policy Accelerator, who previously co-founded the cybersecurity company CrowdStrike and worked as its chief technology officer, tweeted: “This is as comprehensive of a hack of a state as one can imagine.”

Belarus once cultivated high-tech talent. Now those people are fleeing political crackdowns.

“The regime listened in on its own people where they talked freely about illegal commands that were issued to beat down innocent people and torture them,” a representative of Cyber Partisans said in messages to The Post.

“The regime doesn’t trust its own people,” the representative added, speaking on the condition of anonymity and using an encrypted messaging app to protect their personal security. “We want to deter security forces from participating in human right violations, repressions and harsh crackdowns on protests.”

Analysts say the hacks may create some rifts within Lukashenko’s regime but are unlikely to unravel his security apparatus.

“I think this is very demoralizing for law enforcement agencies, especially the leaks of information of intelligence officers or state security,” said independent Belarus political analyst Dmitry Bolkunets, who has fled the country and runs a popular YouTube channel. “The fact this information was hacked and disclosed is a very serious blow to them. I think the political elite is scared.”

But he said that Lukashenko was still determined to cling to power and that his remaining supporters would probably dismiss the hacks as fake.

Tapped phone calls

One tapped call on Aug. 11, 2020, two days after the presidential election, is purportedly from Col. Nikolai Maximovich, deputy head of the Interior Ministry’s Minsk department of the Public Security Police, to a regional subordinate. (Cyber Partisans told The Post there were three officers who appeared in the recordings of the Minsk department, and they identified Maximovich based on the first name and patronymic his colleagues used in addressing him in calls.)

The subordinate requested clarification from Maximovich on what to do about a group of people peacefully milling around, not even wearing the white bracelets or red-and-white colors of the protest movement.

“They are just sitting on benches and walking around,” the subordinate said. “And only a few of them have white bracelets and so on. They are not violating anything.”

Maximovich allegedly retorted that the police should seize them, take them to the police station, throw them to the ground and beat them. He peppered his order with obscenities: “They should all [expletive] be on the ground with their faces against the asphalt and [expletive] beat them! That’s all you have to do.”

“But there are people in the park, like women,” the subordinate replied on the tape.

The reply from Maximovich was to unleash the security forces and “beat them all” to make them “scared of the police.”

In isolated Belarus, everything is being weaponized to keep Lukashenko in power. That includes migrants.

A woman who answered a phone number for Maximovich provided by Cyber Partisans said she would pass a message to him that The Post was seeking comment. He did not call back.

The hackers also accessed police drone footage, the country’s motor vehicle database, complaints to the police and surveillance-camera video. The group shared details of cars registered to intelligence officers on the messaging app Telegram and published the names and addresses of people who had called the police to denounce their neighbors for supporting or participating in protests.

The group also uncovered details of calls made to the authorities by voters in the 2020 election reporting balloting fraud.

Ivan Tertel, chief of the KGB intelligence service, told Lukashenko and other government officials on July 3 that the country was fighting what he called foreign “hybrid attacks,” including cyberattacks against the government and security agencies.

On Aug. 17, Lukashenko ordered officials to revert to paper records if computer data could not be secured. The next day, a Belarusian court labeled Cyber Partisans an extremist group, effectively banning it.

Bolkunets, the analyst, said employees at large state enterprises had been ordered to use only older cellphones without Internet links.

In border crisis between Belarus and Lithuania, salvos fly in ‘propaganda war’

In another tapped call posted by the group, Alexander Kisel, deputy police chief of the Brest region, purportedly told a colleague in Minsk that at least 500 protesters were detained in a military gymnasium.

“We’ve had them all on their [expletive] knees or elbows with dogs around them the whole time since last night, ready to pummel them if they try to move,” says the Aug. 11,2020, recording alleged to be of Kisel.

He goes on to say, “The more people we send to the hospital, the better . . . so we’ve been walloping them like [expletive] stray cats.”

Cyber Partisans told The Post that it identified Kisel with the help of police and security officials who resigned because of the crackdowns.

Attempts to reach Kisel for comment were unsuccessful.

Some of the Cyber Partisans data is used by activist Yanina Sazanovich, chief editor of a popular Telegram channel, Black Book of Belarus, that identifies members of the security services involved in the crackdown. The data published by these groups has been turned into an interactive map,

“They tortured my country,” she told The Post.

“And in this war, we don’t have any weapons. We have truth and ‘de-anonymization,’ and this is our power and we will use it,” she said.

In one recent message, Cyber Partisans suggested it was playing the long game.

“When the regime collapses, you will have to try to run very fast,” the message said in a reference to Lukashenko’s key backers, “because it is very easy to figure you out, and no one will escape responsibility.”

Bennett reported from Washington and Dixon from Moscow. Natasha Abbakumova in Moscow contributed to this report.

No lockdown here: Belarus’s strongman rejects coronavirus risks. He suggests saunas and vodka.

Belarus forces down commercial airliner, arrests dissident journalist on board

In Belarus’s withering crackdowns, even wearing the opposition’s colors can bring trouble