cyber-security 06 August 2020

First EU sanctions for cybercrimes target Russia, China and North Korea

The European Union has imposed travel bans and financial restrictions on a department of Russian military intelligence, as well as on firms from China and North Korea, for their alleged involvement in a number of major cyber-attacks across the world.

The EU sanctions, the first related to cybercrime, target:

  • North Korean organisation Chosun Expo, linked to the Lazarus Group, for facilitating and supporting the ‘Wannacry’ attack. This ransomware incident impacted 300,000 computers in 150 countries
  • Chinese organisation Tianjin Huaying Haitai Science and Technology Development Co. Ltd, for allegedly facilitating and supporting ‘Cloud Hopper’, a sustained cyber campaign focused on large-scale service providers seeking to gain access to commercial secrets
  • Unit 74455 of the GRU, the Russian military intelligence service, alleged to be behind the ‘NotPetya’ cyber-attack in June 2017 and four GRU officers who attempted a cyber-attack against the Organisation for the Prohibition of Chemical Weapons (‘OPCW’) in 2018

The sanctions include travel bans and asset freezes. EU individuals, companies and other entities are forbidden from making funds available to those designated.

China’s diplomatic mission to the European Union said last week that Beijing ‘is a staunch defender of network security and one of the biggest victims of hacker attacks’. It insisted that China wants global cyberspace security through ‘dialogue and cooperation’, not unilateral sanctions.

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32020R1125&from=EN

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32020D1127&from=EN