The EU has imposed additional sanctions on three Russian nationals over their involvement in cyberattacks.

The accused individuals, identified as officers attached to Unit 29155 of the General Staff of the Armed Forces of the Russian Federation (GRU), orchestrated attacks that breached classified information and sensitive data.

In a statement, the Council of the European Union wrote: “The individuals listed are officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155.”

Unit 29155 is infamous for its role in global cyber warfare, foreign assassinations, and destabilising activities, including sabotage and bombings.

The 2020 cyberattacks included unauthorised access to sensitive data held by several crucial Estonian government ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs. Thousands of private documents – ranging from business secrets to health records – were stolen, compromising the operational security of the affected entities. 

The EU highlighted that the same GRU unit has also carried out similar offensive cyber actions against other EU member states and allied nations, with Ukraine being an especially frequent target.

Military intelligence personnel linked to the unit are known to be active in conflict zones and regions of strategic interest such as Western Europe, Africa, and Ukraine.

EU continues to expand sanctions regime

Today’s sanctions bring the number of individuals targeted by the EU’s horizontal cyber sanctions regime to 17, alongside four entities. The measures include travel bans and asset freezes for the listed individuals, as well as a prohibition on EU citizens and entities making funds available to them. 

The EU reiterated its commitment to protecting its digital ecosystem from persistent and malicious cyber threats.

“This decision confirms the willingness of the EU and its member states to provide a strong and sustained response to persistent malicious cyber activities targeting the EU, its member states, and partners,” the Council declared.

Relevant legal measures accompanying the sanctions were published in the Official Journal of the EU to enforce the latest listings.

Cybersecurity and cyber deterrence have been high on the EU’s agenda in recent years amid escalating threats from both state and non-state actors. In 2017, the EU adopted the “Cyber Diplomacy Toolbox,” a framework enabling member states to collectively respond to cyber incidents that affect the bloc. This paved the way for protective restrictive measures.

In 2019, the EU formally established a framework for addressing cyberattacks that threaten the security and integrity of its member states. The framework enables the EU to respond to malicious activities through sanctions ranging from travel bans and financial restrictions to broader diplomatic measures.

Ongoing concerns over cybersecurity prompted the Council to approve conclusions on 21 May 2024 aimed at shaping a more resilient EU. This was followed by the inclusion of six additional individuals in the sanctions list on 24 June 2024, linked to cyberattacks targeting EU member states and Ukraine.

Meanwhile, the October 2024 establishment of a framework to respond specifically to Russia’s destabilising actions marked another milestone in Europe’s escalating cyber defensive measures. This framework enables the EU to counter disruptive actions detrimental to international stability and democratic values.

The EU continues to take a hardline approach to Russia’s hybrid warfare tactics, including cyberattacks, critical infrastructure sabotage, and disinformation campaigns. In its most recent 19 December 2024 conclusions, the European Council strongly condemned Russia’s disruptive actions, including attempts to undermine democratic processes within member states.

This latest sanctions move underscores the intensifying standoff between the EU and Russia over cyber activities. It also sends a clear warning to other perpetrators seeking to exploit cyberspace as a theatre for malicious operations.

As the EU takes steps to fortify its digital defences, it calls on international partners to maintain collaborative efforts in ensuring the protection of a secure cyberspace.

See also: Malware targets enterprise-grade Juniper routers

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including Digital Transformation Week, IoT Tech Expo, Blockchain Expo, and AI & Big Data Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: cyber security, cybersecurity, eu, europe, government, hacking, infosec, law, legal, politics, russia, sanctions, Security