The website of Belarus’ main security service agency (KGB) has reportedly been down for two months following a cyberattack by Belarusian politically motivated hackers. The hackers, known as the Belarusian Cyber-Partisans, announced their operation against the KGB late last week. The agency has not commented on the attack, but on Monday its website says that it is “in the process of development.”

The announcement of the hackers' operation came a few days after Belarus updated its military doctrine, introducing the possibility of responding to a cyberattack on its critical infrastructure with force.

The Cyber-Partisans are made up of exiled tech specialists scattered around the world — part of the broader opposition movement in Belarus, using digital tools to try to topple Lukashenko’s regime. The KGB has been a popular target of the group, which claimed to have infiltrated its network in the fall of 2023 and leaked the data of thousands of employees of the organization.

Over the weekend, the hackers published a list of the website’s administrators, its database, and server logs on their channel on the Telegram messaging app. In total, the group was able to download the personal files of more than 8,600 KGB agents. The hackers have launched a Telegram bot that identifies Belarusian spies in photos uploaded by users.

In 2021, the Cyber-Partisans disclosed the personal data of some of the KGB’s officers. The head of the service admitted on state television that there had been "hacker attacks on personal data" and a "systematic collection of information," which he attributed to the efforts of "foreign special services."

In an interview with Recorded Future News back in March, the group’s spokesperson, Yuliana Shemetovets, said that the identification of spies is an important part of the Cyber-Partisans’ work, as it can be used by journalists and political organizations to vet people.
Shemetovets said the latest attack on the KGB “was a response” to the agency’s chief, Ivan Tertel, who publicly accused the group of plotting attacks on the country’s critical infrastructure, including a nuclear power plant. “We don't plan such attacks [on nuclear plants], and we never have. We work to save the lives of Belarusians, not to destroy them, unlike the Lukashenko regime,” the hackers said.

Last week, the Belarusian Cyber-Partisans claimed to have attacked the country’s largest state-run manufacturer of fertilizers, Grodno Azot, for its alleged involvement in political repression, sanctions evasion, and human rights violations. The hackers said that their attack disrupted the enterprise's energy generation facility.

The Belarusian Cyber-Partisans are known for carrying out cyberattacks against Russian and Belarusian companies as well as state agencies. The credibility and actual impact of the hackers' attacks are difficult to verify since their victims rarely publicly comment on the operations. In the past, prominent investigative journalists from outlets like Bellingcat and Belsat have verified the authenticity of data provided by the group.
Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.