The European Union on Thursday imposed its first ever sanctions for alleged cyberattacks. The measures involve financial and travel restrictions against officials from Russian military intelligence, as well as firms from North Korea and China, member states said in a statement.
The bloc said the six individuals and three entities sanctioned were involved in a number of cyberattacks, including hacking the Organisation for the Prohibition of Chemical Weapons (OPCW) in the Netherlands in 2018. Those targeted are suspected of being behind the WannaCry, NotPetya and Operation Cloud Hopper attacks.
EU: Cyberattacks an 'external threat'
The EU accused a specialist unit from Russia's GRU military intelligence agency of carrying out two cyberattacks in 2018 that targeted several companies in Europe with ransomware and blocked their data, causing huge financial losses. The Russian unit, known as the Main Center for Special Technologies, is said to be behind the NotPetya attacks and is accused of targeting Ukraine's power grid in 2015 and 2016.
Four alleged GRU agents were also sanctioned for what the EU said was an attempted cyberattack on the OPCW.
EU foreign policy chief Josep Borrell said the measures announced Thursday were needed "to better prevent, discourage, deter and respond to such malicious behaviour in cyberspace."
The attacks represented "an external threat to the European Union or its member states" or had "a significant effect against third states or international organizations," he added.
Chinese, North Korean companies targeted
An export company from North Korea and two Chinese firms were also included in the sanctions.
The North Korean company, Chosun Expo, is suspected of supporting WannaCry and a string of major financial attacks around the world, including cyber theft against Bangladesh Bank, as well as the 2014 hack of Sony Pictures.
One of the sanctioned Chinese firms, Haitai Technology Development, is accused of supporting the Operation Cloud Hopper cyberattacks, which the European Council said "targeted information systems of multinational companies in six continents ... and gained unauthorised access to commercially sensitive data, resulting in significant economic loss."
dr/rt (AFP, dpa, Reuters)