EU, in first-ever cyber sanctions, hits Russian intelligence

BRUSSELS (AP) — The European Union on Thursday slapped sanctions on six people and three organizations, including Russia’s military intelligence agency, accusing them of responsibility for several cyber-attacks that threatened EU interests.

EU headquarters said in a statement that those targeted include people considered to be involved in the 2017 “WannaCry” ransomware attack, the “NotPetya” strike that notably caused havoc in Ukraine, and the “Operation Cloud Hopper” hacking campaign.

The sanctions are the first that the EU has ever imposed for cyber-attacks.

EU foreign policy chief Josep Borrell said that “the measures concerned are a travel ban and asset freeze to natural persons and an asset freeze to entities or bodies. It is also prohibited to directly or indirectly make funds available to listed individuals and entities or bodies.”

Four members of Russia’s GRU military intelligence agency were singled out. The EU accuses them of trying to hack the wifi network of the Netherlands-based Organization for the Prohibition of Chemical Weapons, which has probed the use of chemical weapons in Syria. The 2018 attack was foiled by Dutch authorities.

Two Chinese nationals were also targeted over “Operation Cloud Hopper,” which the EU said hit IT systems in companies on six continents, including Europe, and “gained unauthorized access to commercially sensitive data, resulting in significant economic loss.”