European Union Sanctions Cyber Attackers

For the first time the European Union has collectivley decided to impose restrictive measures against six individuals and three entities responsible for or involved in various cyber attacks. The EU targets, including two citizens from China and four from Russia, as well as three organisations, one each from China, North Korea and Russia.  

The attempted cyberattack were against the Organisation for the Prohibition of Chemical Weapons and those publicly known as 'WannaCry', 'NotPetya', and 'Operation Cloud Hopper'. The sanctions imposed include a travel ban and an asset freeze. In addition, EU persons and entities are forbidden from making funds available to those listed. 

Sanctions are one of the options available to the EU to  respond to malicious cyber activities directed against the EU or its member states, and this is the first time the EU has used this tool. The legal framework for targeted restrictive measures against cyber-attacks was adopted in May 2019 and recently renewed.
Background

The EU has scaled up its resilience and its ability to respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.

In June 2017, the EU stepped up its response by establishing a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (the "cyber diplomacy toolbox"). The framework allows the EU and its member states to use all CFSP measures, including restrictive measures if necessary, to prevent, discourage, deter and respond to malicious cyber activities targeting the integrity and security of the EU and its member states. 

Targeted restrictive measures have a deterrent and dissuasive effect and should be distinguished from attribution of responsibility to a third state.

Among those falling under the sanctions are four Russian nationals and the Main Center for Special Technologies that as the EU claims is part of the Main Directorate of the General Staff of the Russian Armed Forces. According to the Russian Foreign Ministry, Moscow has repeatedly warned the European Union against the practice of unilateral sanctions, which "are absolutely illegitimate from the point of view of international law." 

The Russian statement invites the European Union to step up a professional dialogue on problems in the information sphere or to use the existing United Nations and OSCE channels and mechanisms, saying “There is no avoiding a conclusion that the European Union prefers the policy of unilateral pressure and restrictions to a serious conversation aiming at settling differences and enhancing mutual trust."  

Consilium:       TASS:       Bloomberg Law:       CGTN:  

You Might Also Read: 

What Does The EU Cybersecurity Vote Mean To You?:

 

« Hackers Breach Cisco Security Network
Reducing Exposure To Cyber Attack »

Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

BlueCat Networks

BlueCat Networks

BlueCat provides software to automate, manage and secure your network.

AcceptLocal

AcceptLocal

AcceptLocal is a payments industry consultancy with expertise in payment processing, payment security, anti-money laundering and fraud prevention.

Institute for Cybersecurity & Privacy (ICSP) -  University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

Private Internet Access

Private Internet Access

Private Internet Access is a Virtual Private Network services provider offering secure encrypted access to the internet.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

Invest Ottawa

Invest Ottawa

The IO Accelerator Program is designed to rapidly and systematically accelerate the development and commercial success of high growth technology firms.

Drootoo

Drootoo

Drootoo is transforming businesses and making them high performing entities with its unified cloud platform.

Stealth-ISS Group

Stealth-ISS Group

Stealth–ISS Group is your extended IT, cyber security, risk and compliance team, providing strategic guidance, engineering and audit services, along with technical remediation and security operations.