In this episode of Intrusions in Depth, host Josh Stepp dives deep into the extraordinary story of the Belarusian Cyber Partisans, ordinary IT professionals turned hacktivists who waged a digital guerrilla war against the Lukashenko regime. From their roots in Minsk’s High-Tech Park to high-stakes operations disrupting Belarusian railways during Russia’s 2022 invasion of Ukraine, this is a real-world tale of civilian-grade cyber warfare that feels ripped from a Hollywood thriller.
Explore how a small group of software engineers used ransomware for political demands, leaked KGB databases, built a face-matching Telegram bot to expose officers, and crippled state infrastructure with custom malware like Vasilik and PreoutNIC. Josh breaks down their origins in the 2020 protests, ties to broader resistance movements, Western funding questions, propaganda battles, and the rise of civilian-grade warfare — where the gap between state and individual capabilities in cyberspace is closing.
Key Topics: Belarus Cyber Partisans, Lukashenko regime, Russia-Ukraine war logistics disruption, hacktivism, cyber espionage, ransomware as political weapon, KGB leaks, civilian cyber warfare.
#CyberWarfare #Belarus #Hacktivism #CyberPartisans #CyberSecurity #Geopolitics
Key Topics:
The making of modern partisans: How Belarus’s WWII partisan history and national identity shaped the group’s branding, and why the name “Cyber Partisans” was a powerful act of cultural inheritance rather than simple marketing.
From tech boom to crackdown: The rapid rise of Minsk’s High-Tech Park (home to Viber, World of Tanks, PandaDoc, etc.) as a state-backed Silicon Valley experiment, followed by the 2020 election fraud, mass protests, and the brutal security response that triggered the IT exodus.
Formation and philosophy of the Cyber Partisans: How a small group of software engineers, cloud architects, and sysadmins (not traditional black-hat hackers) organized in September 2020, their explicit “anti-manifesto” rejecting donations, crypto, and harm to ordinary citizens, and their focus on embarrassment and exposure over destruction.
Major operations and asymmetric impact: The early state TV broadcast hijacking and the later deep leaks of Ministry of Internal Affairs databases, the national passport system (elite passports only), traffic police records, KGB safe-house/apartment registries, and internal police audio—operations that forced the regime to physically relocate assets and exposed sources & methods.
Broader implications: Exploration of “civilian grade warfare,” the shrinking capability gap between states and skilled civilians in cyber, the power of narrative and psyops, and why admitting to operations (something states rarely do) gives non-state actors unique advantages in the information space.
Call to Action:
Subscribe to the podcast for more episodes on high-profile cyber intrusions.
Visit our website at intrusionsindepth.com for additional stories and insights.
Share your thoughts on social media using #IntrusionsInDepth.
Links and Resources:
https://warsawinstitute.org/day-47-48-state-tv-hacked-cyber-partisans/
https://en.wikipedia.org/wiki/Belarusian_resistance_during_World_War_II
https://www.ned.org/2024-democracy-service-medal-sviatlana-tsikhanouskaya/
https://2021-2025.state.gov/u-s-support-for-democracy-in-belarus/
https://therecord.media/belarusian-hackers-taunt-kaspersky-ver-report
https://en.belsat.eu/89582898/hackers-expose-6000-belarusian-kgb-officers-and-collaborators
https://lazomagazine.com/cyber-partisans-meet-the-hacktivists-working-to-democratize-belarus/
https://www.govinfo.gov/content/pkg/COMPS-9805/pdf/COMPS-9805.pdf
https://actsecuritygroup.com/the-5-ds-of-security-essential-strategies-for-protection/
https://www.nbcnews.com/politics/national-security/cia-officer-arrested-gold-bars-accused-making-top-secret-program-sourc-rcna349032
https://www.ragingrock.com/AndroidAppRE/app_fundamentals.html
https://bishopfox.com/tools/sliver
https://www.cbsnews.com/news/russia-nuclear-capable-missile-massive-attack-ukraine-dead-wounded/
https://warsawinstitute.org/day-47-48-state-tv-hacked-cyber-partisans/
Host: Josh Stepp
Produced by: Josh Stepp
Thank you for tuning in to IntrusionsinDepth. Stay informed, stay safe, and see you in the next episode!










