The cyber attack story that is unfolding in Belarus is destined to have a big budget HBO mini-series made about it. My goodness, the story has everything that makes a compelling thriller – mystery, danger, formidable villains and the unlikeliest of heroes.
The story is one of hackers, or more correctly ordinary technology-sector employees, who are trying to topple a government. Wow, what a story.
Now this naturally got me thinking – Zimbabwe has a government, Zimbabwe has technology-sector employees and so… Could this happen here? I’m getting ahead of myself. First things first..
What is going on in Belarus?
The president of Belarus has been in power since 1994, that makes it 27 years in office. As you would assume, he has been labeled a dictator and is accused of having rigged elections on multiple occasions.
The latest elections were held last year, 2020, and it is these elections that have lit a fire in his eye.
His victory was disputed, protests broke out and they were violently crushed, you know, as governments do. Same as happened in previous elections. However, this time was one time too many.
Many law enforcement officials resigned and formed an organisation – BYPOL. They are now conducting investigations into the regime. The aim is to expose any illegal activity within and by the government which they hope will lead to convictions. The group also has hundreds of members still inside security agencies.
Enter the unlikely heroes / villains?
Some ordinary folk were also fed up with the ruling regime. These fellows are just ordinary folk, much like you and me. They say they are just technology-sector employees and not professional hackers by any stretch, all 15 of them. The guys decided to take action.
They started by defacing government websites and the crowd loved it. Though modest, the attack drew attention. Very similar to what S1ege and W4Riok! did in Zimbabwe. Oh you forgot, Zimbabwean government websites are hacked every other day.
The hackers take it up a notch
Our 15 guys, collectively called Belarus Cyber Partisans, reached out to the disgruntled law enforcement officers, BYPOL. The Partisans got valuable information on the structure of government databases. Having received other tips on how to penetrate the government’s systems they proceeded to steal hack their way in.
With that done, BYPOL has been helping them process the data they are stealing from government servers. BYPOL also assists in identifying individuals from hacked phone calls as well as providing feedback on how the hacks are affecting the security forces. Remember, they have insiders.
The Partisans say they now have classified information which they will be releasing bit by bit. They have video feeds from isolation cells where detained protestors are being held, drone footage from protest crackdowns and other sensitive data.
Their aim is to undermine the regime whilst showing that they are not unstoppable or unbeatable. They claim,
We have a strategic plan that includes cyberattacks to paralyze as much as possible of the regime’s security forces, to sabotage the regime’s weak points in the infrastructure, and to provide protection for protesters
A Partisan spokesperson
The group reckons this is the most comprehensive hack of a state in history. I find myself agreeing.
Back to Zimbabwe
It should be worrying for the Zimbabwean government that the Partisans started by messing with websites. Then graduated to more impactful attacks.
We have seen even the Zimbabwe Defence Forces website hacked. Is there a chance the hackers have higher ambitions? I assume the security forces are on top of the situation. After all, Zimbabwe cannot be hacked in a similar manner.
There are few databases to hack. How would a hacker sabotage infrastructure weak points in Zimbabwe? Not from a computer, I’ll tell you that much. There are no nuclear reactors to hack, no subway system to delay here for example.
We have often complained that the government is taking too long to computerise its operations. Maybe we missed that it is strategic. The security forces want to ensure they are able to guard against attacks before dumping their classified documentation onto a server somewhere.
That is probably not the reason for the slow uptake of computers. It is however a good defensive strategy. Who cares if that was the plan?
Hacking the Zimbabwean government would entail a physical breach of some building. The ‘hacker’ would have to sift through two-metre tall steel cabinets and fish out the incriminating documents. That is markedly more difficult and risky than typing furiously on a keyboard in a basement somewhere.
I think the Zimbabwean government can rest easy for the moment. We won’t be the next Belarus any time soon. The other factor being that for a hack to be successful at that scope, the hackers would need insiders in the security forces. Much more difficult in Zimbabwe.
So Zimbabwe would probably be able thwart a cyberattack. It might not be because of superior cyber defence strategy, but a strength is a strength. I’ll take the win.
Share
Home
4 comments
At least you know our capabilities,wise guy!
Have you listened to the excellent podcast , Lazarus group, i mean you could classify Bangladesh in the same light as Zimbabwe. Yet, look what happened. The government should not lull themselves into a false sense of security. In fact i would argue the risk regarding a breach in Zimbabwe is much higher. Whether it is physical or virtual. The first major threat i see is related to the politics of this country. Especially taking into consideration what has happened in the last few years ( the NOT coup). This has created a dangerous precedent, which i believe is the greatest threat to Zimbabwe. ( I mean just look at all the bodies around the president whenever he is in public) There are still a lot of powerful political actors who were ousted, they have intimate knowledge of internal government systems and protocols, who knows what they could be planning.
The second risk relates to underpaid civil servants, institutional nepotism, and corruption involved in various government operations like the issuing of tenders. Weak vetting protocols could lead to a rogue service provider gaining entry into government systems.
My guy,there is no such thing as weak vetting when it cones to Zim gov.
Oh my God , i am a CyberSec self taught student and its not the physical aspects only the reason why we didn’t take advantages of the vulnerabilities in our country’s system is because we are ethical , but man I dont wanna lie ,from wardriving to bug bounty Zimbabwe is mostly vulnerable its only that some zimbabweans are still ethical and some are even in your systems buh you didnt see the IOC because they are smart and zim is not that educated when it comes to cyber , less than 25% talk aboout it .but the more we are dipping into poverty , I tell you those jobless CyberStudents from HIT or Trust Academy will be the next Zimbabwean Nightmare… so please don’t lie to people we need more cybersecurity awareness