Belarusian military linked to hacking and disinformation campaigns targeting regime critics | Scientific and technological news
The Belarusian military is linked to hacking and disinformation campaigns that have targeted critics of the regime, including dissidents and foreign governments, new research has found.
Several people targeted before last year’s contested elections were subsequently arrested by the Belarus government, according to cybersecurity firm Mandiant.
Mandiant explained that “sensitive technical evidence” located the operation in Minsk and linked the individual operators behind it to the Belarusian government.
The Mandiant report, assessing that Belarus has been engaged for several years in hostile activities aimed at NATO– aligned neighbors with whom it shares a border, is freed amid growing tensions in the region.
Thousands of migrants experience freezing conditions at the border with Poland where last weekend another body was discovered in the forest, bringing the death toll to at least nine.
The migrant crisis began after the president Alexander Lukashenko reportedly offered migrants tourist visas to travel to Belarus, before encouraging them to enter neighboring countries illegally on foot.
This decision has been described as Mr Lukashenko taking revenge on the European Union for sanctions imposed after the regime cracked down on protests following a contested election last year.
International parties condemned what NATO described as “the continued instrumentalization of irregular migration artificially created by Belarus in hybrid actions targeting Poland, Lithuania and Latvia for political ends”.
“These inhumane actions endanger the lives of vulnerable people,” NATO said, while the EU accused Mr Lukashenko of gangster behavior and imposed new sanctions.
Prior to the 2020 election, the disinformation campaign had mainly focused on spreading negative stories about NATO’s presence in countries bordering Belarus, according to Mandiant.
These accounts made false allegations about the deployment of nuclear weapons in these countries and about NATO troops committing crimes or disseminating information. COVID-19[feminine.
Mais après les élections d’août dernier, Mandiant a déclaré que les opérations d’information avaient tenté d’alléguer la corruption, en particulier au sein des partis au pouvoir en Lituanie et en Pologne, dont les gouvernements ont fermement condamné la répression de M. Loukachenko contre les manifestants.
Benjamin Read, directeur de l’analyse du cyber-espionnage chez Mandiant, a déclaré à Sky News : « Ils ont compromis une municipalité polonaise locale et ont publié un reportage selon lequel un prêtre avait été assassiné par un migrant qui, selon eux, était un ressortissant irakien et qui se trouvait en Lituanie. et s’est faufilé en Pologne.
“[But] the priest was still alive – people called him and he was still alive – so it wasn’t necessarily very effective. But we have seen them arming narratives around migration and migrants … we have seen it in Poland, in Polish. “
This particular briefing, playing on fears about migrants, “parallels what they’re doing now, quite horribly, in the real world,” Read added.
Mandiant also identified how Belarusian dissidents, media and journalists were among the targets of the spy campaign, due to the domains the hackers set up to collect their credentials and then log into their email accounts. .
Along with these national goals were a wide variety of government and private entities in Ukraine, Lithuania, Latvia, Poland and Germany – although the researchers note that Estonia, which is a regional member of NATO but which does not border Belarus, did not appear to have been targeted in the same way.
The most important technique to defend against this type of hacking is to use two-factor authentication (2FA) for email and social media accounts, Read said.
Follow the Daily podcast on Apple Podcasts, Google Podcasts, Spotify, Spreaker
It was also important to be careful when receiving alerts saying that your account had been accessed and encouraging you to reset your password, as this is one of the most common methods used by hackers. to steal credentials.
He said that hardware authentication devices such as YubiKeys offer the best protection, because even if hackers managed to trick the victim into revealing their username and password during a phishing attack, they would still need to physically capture the USB device as well.