The Belarusian military is linked to hacking and disinformation campaigns that have targeted critics of the regime, including dissidents and foreign governments, new research shows.
Several people targeted before last year’s contested elections were subsequently arrested by the Belarus government, according to cybersecurity firm Mandiant.
Mandiant explained that “sensitive technical evidence” located the operation in Minsk and linked the individual operators behind it to the Belarusian government.
The Mandiant report, assessing that Belarus has been engaged for several years in hostile activities aimed at NATO– aligned neighbors with whom it shares a border, is liberated amid growing tensions in the region.
Thousands of migrants experience freezing conditions at the border with Poland where last weekend another body was discovered in the forest, bringing the death toll to at least nine.
The migrant crisis began after the president Alexander Lukashenko reportedly offered migrants tourist visas to travel to Belarus, before encouraging them to enter neighboring countries illegally on foot.
This decision has been described as Mr Lukashenko taking revenge on the European Union for sanctions imposed after the regime cracked down on protests following a contested election last year.
International parties condemned what NATO described as “the continued instrumentalization of irregular migration artificially created by Belarus in hybrid actions targeting Poland, Lithuania and Latvia for political ends”.
“These inhumane actions endanger the lives of vulnerable people,” NATO said, while the EU accused Mr Lukashenko of gangster behavior and imposed new sanctions.
Prior to the 2020 election, the disinformation campaign had mainly focused on spreading negative stories about NATO’s presence in countries bordering Belarus, according to Mandiant.
These accounts made false allegations about the deployment of nuclear weapons in these countries and about NATO troops committing crimes or disseminating information. COVID-19[feminine.
Mais aprÃ¨s les Ã©lections d’aoÃ»t dernier, Mandiant a dÃ©clarÃ© que les opÃ©rations d’information avaient tentÃ© d’allÃ©guer la corruption, en particulier au sein des partis au pouvoir en Lituanie et en Pologne, dont les gouvernements ont fermement condamnÃ© la rÃ©pression de M. Loukachenko contre les manifestants.
Benjamin Read, directeur de l’analyse du cyberespionnage chez Mandiant, a dÃ©clarÃ© Ã Sky News : Â« Ils ont compromis une municipalitÃ© polonaise locale et ont publiÃ© un article selon lequel un prÃªtre avait Ã©tÃ© assassinÃ© par un migrant qui, selon eux, Ã©tait un ressortissant irakien et qui avait Ã©tÃ© en Lituanie. et s’est faufilÃ© en Pologne.
“[But] the priest was still alive – people called him and he was still alive – so it wasn’t necessarily very effective. But we have seen them arming narratives around migration and migrants … we have seen it in Poland, in Polish. “
This particular briefing, playing on fears about migrants, “parallels what they’re doing now, quite horribly, in the real world,” Read added.
Mandiant also identified how Belarusian dissidents, media entities and journalists were among the targets of the spy campaign, due to the domains the hackers set up to collect their credentials and then log into their accounts. messaging.
Along with these national goals were a wide variety of government and private entities in Ukraine, Lithuania, Latvia, Poland and Germany – although the researchers note that Estonia, which is a regional member of NATO but which does not border Belarus, did not appear to have been targeted in the same way.
The most important technique to defend against this type of hacking is to use two-factor authentication (2FA) for email and social media accounts, Read said.
Follow the Daily podcast on Apple Podcasts, Google Podcasts, Spotify, Spreaker
It was also important to be careful when receiving alerts saying your account had been accessed and encouraging you to reset your password, as this is one of the most common methods used by hackers. to steal credentials.
He said that hardware authentication devices such as YubiKeys offer the best protection, because even if the hackers managed to trick the victim into revealing their username and password during a phishing attack , they would also need to physically capture the USB device.