European Union ambassadors have given the green light to sanctions on Russia’s GRU military intelligence unit, as well as on Chinese and North Korean entities over three separate cyberattacks in recent years.
Several sources familiar with the file told RFE/RL on July 22 that the ambassadors decided to freeze assets of the GRU, China’s Tianjin Huaying Haitai Science & technology development Co., and North Korea’s Chosun Expo.
They also will freeze potential funds held by all three in the bloc and impose visa bans on six unnamed citizens from China and Russia who the bloc believe are behind the WannaCry, NotPetya and Cloud Hopper cyberattacks.
The sanctions, which will be formally adopted before the end of July, are the first ever imposed by the EU under its new cybersanctions regime, which was adopted last year and allows the bloc to implement visa bans and asset freezes on people and entities involved in cyberattacks both against EU member states and third countries and international organizations.
The WannaCry ransomware attack in May 2018, followed by NotPetya a month later, paralyzed computers — and companies — globally. The China-based hacker group APT10 is suspected of being behind the Cloud Hopper attack, which targeted businesses and government agencies through IT service providers.
The attacks, which have been linked to the three countries by various intelligence agencies, hit several EU member states and other countries around the world.
EU officials have accused Russia of conducting a hacking campaign against the West.
Russia is accused of being behind an attempt to hack into the network of the global chemical-weapons watchdog, the Organization for the Prohibition of Chemical Weapons, in the Netherlands last year.
The agency had been investigating the nerve-agent attack on former Russian double agent Sergei Skripal and his daughter in Britain in 2018, as well as the alleged use of chemical weapons by the Syrian government.
Separately, sources said the European Union is also working on listing two additional individuals, as well as one entity, all from Russia, who Berlin claims were involved in a 2015 cyberattack against the German Bundestag.
German Chancellor Angela Merkel said that there was “hard evidence” of the involvement of “Russian forces” in the attack against the German parliament in which documents from her own parliamentary office were reportedly stolen.
Russia has denied any involvement in the hacking incidents.