European Union sanctions on Russian, Chinese 'cyber attackers'

Yolanda Curtis
July 31, 2020

On Thursday, the European Union blacklisted four Russian individuals and the special technologies unit of Russia's military intelligence agency, known as the GRU, which Brussels accuses of committing cyberattacks.

Two Chinese nationals and four Russian military intelligence officers were named in the sanctions list along with tech firms from China and North Korea, and the department for special technologies of the Russian military intelligence service, known as Main Directorate of the General Staff of the Armed Forces of the Russian Federation.

This resolution was determined by Unit 74455's involvement as the threat actor tracked as "Sandworm" in the June 2017NotPetya (EternalPetya) ransomware campaign and cyber-attacks against Ukraine's power grid in the winter of 2015 and 2016. The cyber sanctions will impose meaningful costs for the reckless behaviour of state and non-state actors through asset freezes and travel bans within the European Union, including the UK.

European Union foreign policy chief Josep Borrell said the measures announced Thursday were needed "to better prevent, discourage, deter and respond to such malicious behaviour in cyberspace".

These attacks, he said, represented "an external threat to the European Union or its member states" or had "a significant effect against third States or worldwide organisations".

The UK's autonomous cyber sanctions regime will allow it to impose travel bans and asset freezes on individuals and organizations.

The attempted cyber-attack was aimed at hacking into the Wi-Fi network of the OPCW, which, if successful, would have compromised the security of the network and the OPCW's ongoing investigatory work.

The Estonian foreign minister said: "It is important that countries recognise the applicability of global law to cyberspace and uphold the cyber stability framework created by the UN Group of Governmental Experts, including norms of responsible state behaviour.

The UK was at the forefront of efforts to establish the EU Cyber Sanctions regime and we will continue to implement this regime after the end of the Transition Period", said British Foreign Secretary Dominic Raab.

The other two entities targeted were Tianjin Huaying Haitai Science and Technology Development Company Ltd, said to be the actor known to cyber war observers as "Advanced Persistent Threat 10" or APT10. It says they gained access to commercially sensitive data.

Another target was Chosun Expo, an export company from North Korea which, under the "WannaCry" banner, is said to have helped hack the Polish Financial Supervision Authority and Sony Pictures Entertainment.

Other reports by iNewsToday