Cyber Partisans

Introduction and Overview

The Cyber Partisans are a Belarusian hacktivist group founded in September of 2020. The group formed as a reaction to fraudulent elections which had been held in the country and saw the long-reigning President, Aleksandr Lukashenko, remain in power. The primary objective of the group is to use hacking as a method to disrupt and ‘expose’, per se, the current regime in Belarus in order to democratise the country (as they see it).

History and Foundations

On the 9th of August 2020, the Belarusian presidential elections were held and were rife with procedural violations and fraud (Beford). Aleksandr Lukashenko (the ruling President of Belarus since 1994) won these elections. In the past, this type of fraudulent electoral activity — destined to keep the ruling government in power — had been met with little resistance. However, the social conditions in the country had changed over time and eventually led to mobilisation of protestors following the 2020 elections and their seemingly-flawed outcome (Bedord). This change in Belarusian society was primarily driven by the regime’s inability to continue to provide for the citizenry in any kind of meaningful way that would prop up their popularity, or at least acceptance, in certain segments of society.

With this decline in support, the government began to rely increasingly on heavy-handed tactics to remain in power. It is likely that this increase in authoritarian tactics matched with a decrease in ability to provide for the people led to a sense of illegitimacy in the eyes of the public that boiled over following the 2020 elections (Bedford). In response, the Belarusian government cracked down on protestors; police brutality and intimidation were widely used to quell the unrest and uphold Lukashenko’s control of the country. During this period of instability, the Lukashenko regime had also relied heavily on the Russian government and Vladimir Putin for support and maintaining power. This drew the two countries and leaders even closer than they had been before, all while further weakening Lukashenko and Belarus’ autonomy over their foreign policy as they became increasingly compliant to Russia and Vladimir Putin.

As a response to the domestic repression of the Belarusian people, a group of former IT workers who had fled Belarus came together to form the Cyber Partisans. Belarus had a thriving tech sector before the elections and the subsequent protests, and many of the individuals working in this field left the country due to crackdowns on tech companies and workers who opposed the government (Smeets). This ‘tech-savvy’ group of young and politically-motivated tech workers drove the formation of the hacktivists known as the Cyber Partisans.

Objectives and Ideology

Since the formation of the Cyber Partisans, the group’s objective has been to help support the downfall of the Lukashenko regime and end authoritarian rule over Belarus. The group’s hope is that this will allow the country to develop into a free and democratic nation. Moreover, one of the group’s additional objectives is to revive the Belarusian tech sector (as it has largely been shut down following the 2020 president elections) in order to transform Belarus into a place where young people can work and innovate. In a way, this motivation is fuelled by the group’s desire to transform the country into a new regional tech hub (Antoniuk). While hacking as a sole strategy is unlikely to bring about this change, the Cyber Partisans’ operations against the government are often in coordination with, and in support of, a coalition of groups both inside and outside of the country with similar objectives. The collection of these groups is referred to broadly as the “Suprativ Collective”(Smeets). The driving ideology across this coalition of activists is broadly anti-authoritarian and pro-democracy.

The objectives of the Cyber Partisans have also developed since the beginning of the conflict in Ukraine. The Russian military began to heavily rely on Belarus as a transit point through which they could move their troops and equipment to the front lines. Since this development, the Cyber Partisans have expanded their operations to target Russian convoys and equipment moving through Belarus, in order to disrupt the Russian war effort in Ukraine. This has primarily been achieved by hacking Belarusian railroad networks used to move Russian equipment through the country (Dickinson). In this regard, while the Cyber Partisans exclusively carry out operations in their country of Belarus, their efforts have also reflected a struggle against Russia’s political domination in their country and against Russian military aggression in the region.

Political Abilities & Approach to Resistance

The use of cyber weapons and hacking has created a new grey area in modern conflict and geopolitics. This has sparked debate over how hacking should be classified in regards to its level of aggression;

—> Does hacking rise to the same level as physical attacks or is there a clear distinction between the two?

—> If the Cyber Partisans hack a railroad network in Belarus, shutting it down, is that any different than blowing the rail line up (even if the results are the same)?

Evidently, the answer to these questions lie outside the scope of the Cyber Partisans’ struggle with the Belarusian government.

The Belarusian regime has labeled the group as an illegal extremist organization for their actions (Bennett). For all intents and purposes, however, the group’s methods are non-violent. The group’s most renowned actions include their hacking operations, which have shut down Belarusian rail networks transporting Russians military equipment and weapons to the frontlines in Ukraine (Smeets). These operations are similar to those of other resistance groups in the region that have targeted rail lines in physical attacks to disrupt the Russian war effort. The group has previously stated that carrying out operations such as these has been made considerably easier by Lukashenko’s government, which they deem has failed to upgrade the country’s security software for its critical infrastructure. Running outdated Windows softwares — such as Windows XP — has left the country’s infrastructure vulnerable to even unsophisticated and relatively simple cyber attacks (Cox). This is a vulnerability that the Cyber Partisans have repeatedly taken advantage of.

The Cyber Partisans have also started to prepare for what they hope will be the inevitable downfall of the Belarusian dictatorship, by collecting evidence on members of the regime that could one day be used against them in a human rights court. This has involved hacking the communications of the police and intelligence services in the country, as well as obtaining recordings of members of the security services admitting to crimes they have committed against protesters and ordinary civilians. In these recordings, members of the police have admitted to unlawful beatings and inhumane treatment of prisoners. The group has also hacked surveillance cameras to record the police acting unlawfully and expose information to the public such as the cars being used by police and security services.

The targeting of government officials and agencies has been aided by an alliance between the Cyber Partisans and former members of the security services who fled the country following the 2020 elections. This group — known as ByPOL — has assisted the identification of targets, as well as provided the Cyber Partisans with a better understanding of government networks, data storage, and security practices. ByPOL also uses the information obtained from the Cyber Partisans to conduct their own investigations into the regime, the results of which are posted on their Telegram channel. Information obtained by the Cyber Partisans and ByPOL has been used by human rights organizations which are investigating the regime, as well as by the United States Congress during congressional hearings that later led to sanctions being placed on the country. The operations conducted against the Belarusian government by the Cyber Partisans has led to waves of data leaks and vital intelligence gathering. Some of the leaks have included extensive data collection processes, such as the entire country’s passport database, drone footage from protest crackdowns, the Ministry of Interior’s mobile phone surveillance database, as well as recordings from emergency services and detentions centers where prisoners are held (O’Neill).

The group also prioritises the assistance and education of the Belarusian public in regards to digital surveillance defense. The group has developed its own mobile phone apps that provide encrypted platforms for protestors and other resisters of the regime (in order to enable their communication and coordination). One such app is the Partisans’ Telegram, which was created by using the open-source code of the Telegram app. Additional security and encryption features were added to make it more reliable for those working to undermine the government. One such feature allows users to enter a secret code that will automatically delete all data on the app. The Partisan Telegram app has also become popular in regions of Ukraine that have been occupied by Russian forces (Antionuk). Similar efforts to protect protestors have included creating SMS messaging services that are encrypted and do not require internet connection to operate (Smeets). These efforts to combat digital surveillance are increasingly important for opposition and insurgent groups to resist governments in general, as even democracies increase their use of digital surveillance tools. However, in a country such as Belarus, it is even more critical as authoritarian governments increasingly rely on digital tools to suppress their people.

International Relations & Perception in the Media

The groups that the Cyber Partisans work with to undermine the Belarusian government are predominantly made up of other Belarusians, both inside and outside of the country. These would include groups such as ByPOL and protestors and resisters in Belarus. They share similar objectives with other hacking groups in the region also opposed to Russian domination, such as the IT Army of Ukraine and anti-Putin Russian hackers. Nonetheless, there is no indication that these groups have ever cooperated directly with the Cyber Partisans so far.

Due to the conflict in Ukraine, most international support is directed towards Ukrainian and Russian hacking collectives opposed to the Putin regime. Therefore, most resources are directed to those groups as well. The Cyber Partisans can and do receive donations from abroad via cryptocurrencies but the amount presumably would not compare to the donations received by Ukrainian groups fighting Russia. Due to the conflict in the region (and the backing of Ukraine by the Western world), the Cyber Partisans receive relatively meliorative and positive media coverage and little to no interference from Western countries. The group’s public spokesperson, Yuliana Shemetovets, lives in New York City and has not endured any type of legal action from the U.S. government in spite of her open involvement with the Cyber Partisans (Antionuk). The problem the Cyber Partisans seem to face in their international relations and media coverage is not a lack of support but more a lack of coverage, resources, and recognition.

Additional Resources