The EU Council has added three Russian foreign military intelligence officers to the list of sanctions against Russia for conducting a series of cyberattacks against Estonia in 2020.
The individuals listed are officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155. The cyber-attacks granted attackers unauthorized access to classified information and sensitive data stored within several government ministries, —including Economic Affairs and Communications, Social Affairs, and Foreign Affairs—leading to the theft of thousands of confidential documents. These included business secrets, health records, and other critical information compromising the security of the affected institutions. Unit 29155 is also responsible for conducting cyber-attacks against other EU member states and partners, notably Ukraine.
The covert unit, known for its involvement in foreign assassinations and destabilisation activities such as bombings and cyber-attacks across Europe, and some of its military personnel active in Ukraine, Western Europe and Africa, was also sanctioned last year under the new sanction regime in view of Russia’s destabilising activities.
With the new listings, the EU horizontal cyber sanctions regime now applies to 17 individuals and 4 entities. It includes an asset freeze and a travel ban, and the prohibition for EU persons and entities to make funds available to those listed.
The decision reflects the willingness of the EU and its member states to provide a strong and sustained response to persistent malicious cyber activities targeting the EU, its member states and partners.
The EU and its member states will continue to cooperate with our international partners to promote an open, free, stable and secure cyberspace.
The relevant legal acts have been published in the Official Journal of the European Union.
