EU Sanctions Russians For Attacks On Estonia

Uploaded on 2025-02-03 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

The Council of the European Union has sanctioned three named Russians  - Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, who are all officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155.

The Council has decided that all three individuals are responsible for cyber attacks against computer systems with the intention of collecting data from the data systems of multiple institutions with an aim to gain insights into the cyber security policy of Estonia.

Together with Allies and partners, including the United States, Ukraine, Germany, Latvia, The Netherlands and the Czech Republic, a technical advisory has been published to warn against the malicious cyber operations of this group.

"The cyber-attacks granted attackers unauthorised access to classified information and sensitive data stored within several government ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs, leading to the theft of thousands of confidential documents," said the EU Council.

The breach included business secrets, health records, and other critical information that compromised the security of the affected institutions.

Unit 29155 was has been previously implicated by the US government and its allies in a string of cyber attacks aimed at government services, financial services, transportation systems, and healthcare and energy sectors of North Atlantic Treaty Organisation (NATO) members, the European Union, Central American, and Asian countries.

Since early 2022, the the GRU hacking unit  is assessed to have targeted and disrupted efforts to provide aid to Ukraine. 

 he threat activity cluster is also tracked by the cyber security community under the names Cadet Blizzard, Ember Bear, FROZENVISTA, Nodaria, Ruinous Ursa, UAC-0056, and UNC2589.

And Korchagin and Denisov have also been charged by the US Department of Justice (DoJ) for their alleged involvement in a conspiracy to commit computer intrusion and wire fraud conspiracy against targets in Ukraine, the US and 25 other NATO countries.

With the latest enforcement action, a total of 17 individuals and four entities are subject to asset freezes and travel bans, in addition to prohibiting EU persons and entities from transacting with those listed.

Recently, the Council also sanctioned 16 individuals and three entities, including GRU Unit 29155 and its commander Andrey Vladimirovich Averyanov, that it said were responsible for "Russia's destabilising actions abroad."

"Through coups, assassinations, bombings, and cyber attacks against other countries around the world in connection with the war in Ukraine, it has sought to create chaos and destabilise European Union countries," the Council said. "By carrying out such actions, it seeks to help and benefit Russia."

The Hacker News     |     Estonia Ministry of Foreign Affairs     |     Council of the European Union     |    

EU Neighbours East   Security Week     |     Bleeping Computer     |     Estonia Ministry for Foreign Affairs

Image: Ideogram

You Might Also Read: 

Latvia's Defence Ministry Targeted:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« CISOs Increase Crisis Simulation Budgets
US Nationals Indicted For Fraudulent Remote IT Work »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

National Cyber Security Centre (NCSC) - Norway

National Cyber Security Centre (NCSC) - Norway

NCSC is part of the Norwegian Security Authority, and is Norway's national cyber security hub and the national CERT.

Compumatica

Compumatica

Compumatica is a leading European ICT security manufacturer for cybersecurity and encryption products. Solutions include network security, SCADA/ICS security, Mobile/BYOD and email encryption.

SMiD Cloud

SMiD Cloud

SMiD encryption technology has been developed following the highest security practices to allow the data availability, integrity and confidentiality.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

SterlingRisk Programs

SterlingRisk Programs

SterlingRisk’s Cyber practice brings experience working with a wide array of clients across a broad spectrum of industries.

Greenberg Traurig (GT)

Greenberg Traurig (GT)

Greenberg Traurig, LLP (GT) is a global law firm with offices in 40 locations in the United States, Latin America, Europe, Asia, and the Middle East.

PNGCERT

PNGCERT

PNGCERT is the national Computer Emergency Response Team (CERT) for Papua New Guinea.

Kontex

Kontex

Kontex is a Cyber Security consultancy creating resilient solutions. From Strategy, Advisory and Implementation to Management and everything in between.

MTI

MTI

MTI is a solutions and service provider, specialising in data & cyber security, datacentre modernisation, modern workplace, IT managed services and IT transformation services.

Prophaze Technologies

Prophaze Technologies

Prophaze enable organizations and SaaS providers to improve their web application cybersecurity and reduce costs through AI automation.

PDQ

PDQ

PDQ helps IT professionals to manage and organize hardware, software, and configuration data for Windows- and Apple-based devices.

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.