“This is just the tip of the iceberg”

Hacktivists explain how they will unmask members of security forces

3 October 2020 | Marya Mialiokhina, KYKY
Source: KYKY

In an exclusive interview with KYKY, the “Cyber Partisans” hacker group talked about their work on a face recognition system to reveal the identities of members of security services wearing balaclavas. They explained why they are not afraid of counterattacks by pro-government hackers and how Belarus has become internally divided into North Korea and the USA.

The “Cyber Partisans” made the headlines in Belarus in early September 2020 when the website of the Presidential Property Management Directorate was hacked. The homepage was adorned with a white-red-white flag [of the Belarusian opposition] and a photo of the Directorate’s head, Viktar Sheiman, wearing a Christmas tree topper on his head, Verka Serduchka-style [a Ukrainian drag singer and comedian]. As their next prank, cyber warriors hacked the website of the Ministry of Internal Affairs and featured Alexander Lukashenko and Interior Minister Yury Karaieu on the “Missing Persons” page. But the best was yet to come.

The websites of the Chamber of Commerce and Industry, Government Procurement, Ministry for Taxes and Levies and the national electronic payment system went down. Afterwards, hacktivists focused on propaganda mouthpieces and interrupted online broadcasts of Belarus 1, Belarus 2, Belarus 3, Belarus 4, Belarus 5 and ONT channels with scenes of riot police beating protesters on 9-11 August. Then, cyber guerrillas leaked the personal data of employees of the Ministry of Internal Affairs, the riot police and the KGB.

By the end of September, an entire “digital IT front” with its own manifesto emerged in Belarus. Its main mission is to unite hackers and developers to launch remote attacks on the Belarusian administrative resources that hurt society. The “Cyber Partisans” are so popular that they already have their own copycats.

KYKY: In one of your interviews, you mentioned that your goal was to “restore justice and put pressure on Lukashenko’s regime”. But is a few hours’ downtime of a government website really anything more than trolling?

C: This is a demonstration of our power. You can think of it as a military exercise. We want to show that we have an advantage on our own territory, even if it is virtual. This is also to define our position: we are on the side of the people. We do what we are good at. Trolling is just a side effect. The main message is that the state apparatus is as helpless before us as the Belarusian people are before the riot police.

KYKY: What site are you going to attack next?

C: Hacking systems is a creative process. We keep on working on dozens of government systems. But we don’t advertise our plans yet.

KYKY: Aren’t you afraid to be held liable for your actions? In fact, you may face criminal prosecution.

C: We, like other Belarusians, remain loyal to our convictions. We can’t sit idly by due to our beliefs and we will support the protests in whatever way we can in spite of any possible criminal prosecution.

KYKY: Aren’t you afraid of being de-anonymised?

C: Our organisation is structured in such a manner that even if a few persons are exposed, it will be just the tip of the iceberg. We are decentralised and autonomous.

KYKY: Have you received any threats? Do you feel like you’re being followed?

C: No. All we have received are indirect and public warnings.

An analogy with North Korea and the USA works well here. We are like the United States while the regime’s proponents are like North Korea, bragging about their stone-throwing catapults being the fastest.

The statement by the Ministry of Internal Affairs that their agents are in all Telegram chats, as well as their SMS spamming, is similarly amusing.

Screenshot of an SMS sent by the Ministry of Internal Affairs: “Dear citizen! You have been identified as violating the order of public events. Your actions are recorded by means of photo-video identification. These events were organised by persons accused of organising and preparing actions that grossly violate public order, i.e. a crime according to Article 342 of the Criminal Code of the Republic of Belarus. We personally warn you of the inadmissibility of participation in unauthorised mass events, which entails liability in accordance with the law. Don’t make mistakes.”
Source: KYKY

KYKY: You were the first ones to declare that the video showing how a neural network can unmask members of security forces was fake. What for? Even if it’s fictional, it is also an intimidation tactic against the security forces.

Source: Andrey Maximov

C: We voiced our doubts about this video because what we saw looked a lot like an edited video. However, now we recognise that such a technology truly exists. We ourselves are working on this system.

KYKY: Why did you leak the security forces database dating back to 2017-2019? Many people listed in it don’t work in the security forces anymore. You could have implicated the innocent.

C: We realise the political gravity of such disclosures and we try to check information and present it in small chunks. We call on the government security agencies to stay within the legal framework: one must not obey illegal orders. If they had remembered that they should protect the people, not the criminals in power, such leaks would not have been necessary.

KYKY: You have hacked the websites of BT and ONT television channels. Is it technically possible to tamper with a TV broadcast?

C: We firmly believe that there are no hack-proof systems. The question is just a matter of cost.

KYKY: Is it possible to hack the personal accounts of high-ranking officials on social media?

C: As we have said before, hacking as such is possible. But we don’t see any practical sense in it – this information is irrelevant. At the moment, we are prioritising other tasks first.

Pictured: A photo of a tampered receipt from the national electronic payment system and a screenshot of the hacked website of the Belarusian Chamber of Commerce and Industry.
Source: KYKY

KYKY: The other day, a pro-government hacker group hacked the KYKY.org website and uploaded a photo of Lukashenko and an audio file to our homepage. A distorted voice said that members of the security forces are not afraid of cyber guerrillas. How are you going to counteract this new IT group? Will you protect the companies and sites that they may attack?

C: We are aware of the people behind it. You shouldn’t worry about them. Think of the hacking of your website as free publicity.

KYKY: Can you assess how professional they are? Can they compete with you?

C: There is no point in going into detail on this. We are on the same side – nobody is going to compete with us.

KYKY: You are often criticised for spending more time on giving interviews than launching hacker attacks. What is your comment on this?

C: We don’t owe anyone anything. Attacks require planning and take a lot of time. Interviews are important as they promote our views in society and help new, like-minded supporters join our movement. We do it not for the sake of hype but for the sake of victory.

KYKY: If you had an opportunity to publicly address the authorities, security officials and Lukashenko personally, what would you say?

C: We have said everything in our manifesto.

KYKY: When everything is over and the regime falls, will you reveal your identities?

C: We will remain the people you meet every day in the street, on a bus, in a shop or at a stadium. You will never learn the names of those who risked their freedom for our joint victory. Our hacktivist movement should not be associated with any specific persons.