A group of Belarusian cyberattackers are claiming to have successfully launched a ransomware attack on Belarus’s state-run train company. The actions were allegedly performed in a bid to disrupt Russian troop movements. The group revealed the attack on Twitter, claiming to have encrypted some of the railway’s servers, databases, and workstations to disrupt its operations. However, they did not impact automation and security systems to protect passengers and employees in the event of an emergency situation. The group stated that they had the decryption keys and would return the train network to normal, however, under the condition that 50 political prisoners be released. The prisoners are reportedly in need of medical assistance. In addition, the group stated that they require that Russian troops do not enter the country.
Belarusian President Lukashenko has sought closer ties with the Putin regime since the 2020 election in an attempt to boost his power base and gain economic and diplomatic support from the Kremlin. On the official Belarusian Railways website, the services for issuing electronic travel documents are temporarily unavailable due to technical issues. The company claims that it is working to fix the problem and restore the service.
Read More: Belarus Activists Fire Ransomware at State Railway