Six individual hackers and three corrupt organizations have been banned from traveling to or entering any of the 28-member European Union (EU) states and their assets frozen, in the first-ever cyber-related sanctions the economic union’s legislative Council has imposed.
The perpetrators, which include two Chinese citizens and four Russian nationals, were involved in the high profile WannaCry, NotPetya and Cloud Hopper cyber attacks, the Council charged in its ruling. In addition, the companies reportedly carrying out the cyber assaults include a North Korean export operation and technology companies based in China and Russia. The cyber invaders are also said to be behind an attack on the Organisation for the Prohibition of Chemical Weapons (OPCW) headquartered in The Hague, Netherlands.
As part of the sanctions, EU persons and entities are forbidden from making funds available to the cyber attackers.
“Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool,” the Council said.
Will the U.S. follow the EU Council's sanctioning lead? While U.S. law enforcement has indicted a growing number of cyber gangsters, aside from the Lazarus crew--also known as Hidden Cobra, associated with several high-profile cyber attacks, including the Sony Pictures hack in 2014 and Bangladesh Bank heist in 2016--it has not engaged in sanctioning cyber crooks similar to what the EU has done. In late July, the U.S. Justice Department made public an indictment of two Chinese nationals accused of spying on three unnamed U.S.-based targets involved in medical research to fight the coronavirus (COVID-19). The indictment accused the Chinese hackers of conducting a reconnaissance operation against a Massachusetts biotech firm known to be working on a COVID-19 vaccine. While it is unlikely the Chinese hackers will ever face trial in the U.S., they may not be sanctioned by authorities as well.
Still, the National Security Agency, the Federal Bureau of Investigation and the Department of Homeland Security’s Cybersecurity Infrastructure and Systems Agency all have repeatedly issued official warnings naming well-known state sponsored cyber threat groups originating from China, North Korea and Russia.
According to the European Council, here are the individual perps:
Here are the sanctioned organizations:
“Those persons and entities or bodies are responsible for, provided support for or were involved in, or facilitated cyber-attacks or attempted cyber-attacks, including the attempted cyber-attack against the OPCW and the cyber-attacks publicly known as ‘WannaCry’ and ‘NotPetya’, as well as ‘Operation Cloud Hopper’, the Council’s ruling dated July 30, 2020 said.
In 2018, the U.S. charged Shilong in 2018 with targeting 45 companies and government agencies and stealing hundreds of gigabytes of sensitive data.