First-ever EU cyber sanctions hit Russian, Chinese, North Koreans

The European Union has imposed its first-ever sanctions over cyberattacks, slapping them on alleged Russian military agents, Chinese cyber spies and organisations including a North Korean firm.

The six people and three groups hit with sanctions include Russia's GRU military intelligence agency. EU headquarters blamed them in a statement for the 2017 WannaCry ransomware and NotPetya malware attacks and the Cloud Hopper cyberespionage campaign.

EU foreign policy chief Josep Borrell said on Thursday the sanctions are a travel ban and asset freeze to natural persons and an asset freeze to entities or bodies. It is also prohibited to directly or indirectly make funds available to listed individuals and entities or bodies.

Four Russians identified as GRU members were accused of trying to hack the Wi-Fi network of the Netherlands-based Organisation for the Prohibition of Chemical Weapons, or OPCW, which has probed the use of chemical weapons in Syria. The 2018 attack was foiled by Dutch authorities.

The GRU was also sanctioned for NotPetya, which targeted companies that do business with Ukraine and caused billions of dollars in damage globally, and cyberattacks on Ukraine's power grid in 2015 and 2016.

The two sanctioned Chinese nationals were accused of involvement in Operation Cloud Hopper, which the EU said hit companies on six continents, including Europe, through cloud services providers and gained unauthorised access to commercially sensitive data, resulting in significant economic loss.

One of the two, Zhang Shilong, was indicted in the United States in December 2018 for his alleged role in the operation, which U.S. authorities said at the time targeted a wide array of industries including aviation, biotechnology and satellite and maritime technology. Also sanctioned by the EU was the Chinese company Huaying Haitai, listed as Zhang's employer.

The North Korean firm sanctioned is Chosun Expo, which the EU said backed cyberattacks including WannaCry, the hacking of Sony Pictures and cyber robberies of Vietnamese and Bangladeshi banks.

A leading U.S. cybersecurity expert noted that the attempt to hack the chemical weapons group involved a rare physical visit to its organization's facilities in The Hague, Netherlands.

The consistent use of physical human intelligence teams to supplement its intrusion efforts makes the GRU a particularly effective adversary, said John Hultquist, director of threat intelligence at FireEye.

Sanctions may be particularly effective for disrupting this activity as they may hinder the free movement of this unit, he said.


(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)


Dear Reader,


Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel