EU, in first ever cyber sanctions, hits Russian intelligence

BRUSSELS — The European Union on July 30 slapped sanctions on six people and three organizations, including Russia’s military intelligence agency, accusing them of responsibility for several cyber-attacks that threatened EU interests.

EU headquarters said in a statement that those targeted include people considered to be involved in the 2017 “WannaCry” ransomware attack, the “NotPetya” strike that notably caused havoc in Ukraine, and the “Operation Cloud Hopper” hacking campaign.

The sanctions are the first that the EU has ever imposed for cyber-attacks.

EU foreign policy chief Josep Borrell said that “the measures concerned are a travel ban and asset freeze to natural persons and an asset freeze to entities or bodies. It is also prohibited to directly or indirectly make funds available to listed individuals and entities or bodies.”

Four members of Russia’s GRU military intelligence agency were singled out. The EU accuses them of trying to hack the wifi network of the Netherlands-based Organization for the Prohibition of Chemical Weapons, or OPCW, which has probed the use of chemical weapons in Syria. The 2018 attack was foiled by Dutch authorities.

Two Chinese nationals were also targeted over “Operation Cloud Hopper,” which the EU said hit IT systems in companies on six continents, including Europe, and “gained unauthorized access to commercially sensitive data, resulting in significant economic loss.”

A leading U.S. cybersecurity expert said the GRU attempt to hack the OPCW involved a physical visit to the organization’s facilities in The Hague.

“The consistent use of physical human intelligence teams to supplement its intrusion efforts makes the GRU a particularly effective adversary,” said John Hultquist, senior director of analysis at Mandiant Threat Intelligence.

“Sanctions may be particularly effective for disrupting this activity as they may hinder the free movement of this unit,” he said.

Hultquist said NotPetya and WannaCry were “two of the most devastating cyberattacks in history, causing billions of dollars in damaging and disrupting many vital systems.”