EU extends sanctions against Chinese, Russian, and N. Korean hackers for another year

The European Union has extended today the legal framework that allows it to sanction foreign hackers, effectively extending its existing sanctions on Chinese, Russian, and North Korean hackers for another year, until May 18, 2022.

Adopted on May 17, 2019, Council Decision (CFSP) 2019/797 gave member states the ability to invoke EU-wide sanctions against threat actors that carried out cyberattacks their governments or the EU.

During its two-year lifespan, CFSP 2019/797 was used only twice.

It was used the first time in July 2020 to sanction:

  • Chinese hackers for “Operation Cloud Hopper” [PDF] — a series of intrusions against cloud providers, including several EU entities like SAP and Visma.
  • Russian hackers for NotPetya — a ransomware strain created and released by the Russian military in Ukraine, but which spread to all over the globe.
  • Russian intelligence agents for an attempted cyber-attack on the Organisation for the Prohibition of Chemical Weapons (OPCW) in the Netherlands. At the time, the Dutch government was investigating the crash of Malaysia Airlines flight MH17 in Ukraine, brought down by a Russian missile.
  • North Korean hackers for WannaCry — a ransomware strain created by government hackers for the purpose of raising money for the regime, but which they lost control over.

It was then used again in October 2020, at Germany’s request, to sanction the Russian hackers behind the 2015 cyberattack that breach the German Parliament’s (Bundestag) internal network.

“Sanctions currently apply to eight individuals and four entities, and include an asset freeze and a travel ban,” the Council of the European Union said today in a statement. “EU persons and entities are forbidden from making funds available to those listed.”

Catalin Cimpanu

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.

Recent Posts

Facebook testing end-to-end encryption as a default on Messenger

Facebook has long been criticized for not using end-to-end encryption as a default option for…

3 days ago

CISA orders civilian agencies to patch Zimbra bug after mass exploitation

The Cybersecurity and Infrastructure Security Agency added two vulnerabilities found in products from digital collaboration…

3 days ago

AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach

Telecommunications giant AT&T denied any connection to a database of stolen information that included the…

3 days ago

U.S. shares photo of alleged Conti suspect, offers $10 million for intel

The U.S. State Department on Thursday said that it was offering a $10 million reward…

3 days ago

Suspected Tornado Cash developer arrested in Netherlands

Financial crime authorities in the Netherlands announced Friday that they had arrested a 29-year-old man…

3 days ago

NHS working with U.K. cyber authorities to assess ransomware attack on IT vendor

The United Kingdom’s National Health Service said it is working with the country’s National Cyber…

4 days ago