By Christopher Bing
LAS VEGAS (Reuters) – A group of hackers spied for years on embassy officials of four countries in Belarus, including during the Ukraine war, by hijacking local internet networks, security researchers at Slovakian cybersecurity firm ESET said in a report published Thursday.
About 15 devices belonging to diplomats from two countries in Europe, one from South Asia, and one from Africa who worked at the embassies were targeted, ESET researcher Matthieu Faou, who authored the report, said in a statement. The digital espionage campaign began around 2021 and is still active, the report said.
It wasn’t immediately clear how many officials had fallen victim to this campaign. But the research, which reveals a new and sophisticated hacking team allegedly operating from Belarus, illustrates how vulnerable diplomats can be to cyberespionage.
Belarus’ embassy in Washington didn’t immediately respond to a request for comment.
Belarus has been Russia’s closest ally in the latter’s war against Ukraine. Minsk has helped Russia ship military equipment and soldiers through its borders to aid the war effort.
The report said the hackers tampered with their victims’ internet access, “probably” at the level of the internet service provider, meaning that they could be tricked into downloading malicious software without ever realizing it.
These sorts of hacks are difficult for individuals to dodge, said Bill Marczak of the internet watchdog group Citizen Lab, which is based at the University of Toronto. Marczak, who wasn’t involved with the research, said ESET’s findings illustrate how intensely diplomats are targets of surveillance.
“Embassies and ministries of foreign affairs around the world are a top spyware target,” he said.
(Reporting by Christopher Bing in Las Vegas; Additional reporting by Raphael Satter in Washington and Zeba Siddiqui in San Francisco; Editing by Raju Gopalakrishnan)