EU freezes assets in major crackdown against notorious cyber gangs

Six individuals and three organisations behind WannaCry, NotPetya and Cloud Hopper are being targeted by sanctions

The EU has issued sanctions against individuals and organisations associated with the world’s most notorious hacks for the first time, with the aim of restricting resources and deterring them from future attacks.

Individuals highlighted by a European Council legal document face asset freezes and travel bans as part of a package of measures that comprise a fightback against some of the most dangerous cyber threats facing European countries.

This is in addition to a ban on any other individuals or companies from conducting business with or providing funds to those mentioned in the report. So far six individuals and three organisations are listed.

Those included are said to be behind the devastating WannaCry, NotPetya and Operation Cloud Hopper campaigns.

“Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool,” the European Council said.

“In recent years, the EU has scaled up its resilience and its ability to prevent, discourage, deter and respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.”

The sanctions aim to deter cyber criminals from carrying out malicious campaigns, and follows the establishment of a framework in June 2017, giving EU member states the power to use such measures against organisations and individuals.

Gao Qiang and Zhang Shilong, as well as the Huaying Haitai Science and Technology Development Co Ltd, have been identified as being behind Operation Cloud Hopper which targeted businesses in December 2018.

IBM and HPE were reportedly among those targeted by the cyber campaign which mainly arose through a malware known as Quasar RAT, with the aim being to steal corporate secrets for competitive advantage. Huaying Haitai is charged with providing financial, technical or material support for Operation Cloud Hopper.

Related Resource

Remote worker cybersecurity best practices

Strategies and tips to follow, helping to secure your workforce

Download now

The special technologies branch of the GRU, the Russian armed forces, is also included in the report and has been implicated in several cyber attacks, including the NotPetya campaign. Individuals listed in the legal document, who are also members of the GRU, include Alexey Minin, Aleksei Morenets, Evgenii Serebriakov and Oleg Sotnikov.

These attacks rendered data inaccessible for a number of companies by targeting machines with ransomware in June 2017. The infamous attacks against the Ukrainian power grid in 2015 and 2016 were also as a result of NotPetya.

The WannaCry attack, which inadvertently devastated the NHS, was facilitated in-part by Chosun Expo, which provided financial, technical or material support to the hackers, according to the European Council.

The cyber crime outfit known as the Lazarus Group, or APT38, has been associated with the North Korean-linked Chosun Group by European officials.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now


Cyber attacks on manufacturing up 300% in a year

Cyber attacks on manufacturing up 300% in a year

11 May 2021

Most Popular

UK gov considers blocking Nvidia's takeover of Arm

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Tesla Megapack goes up in flames at Australian battery site

Tesla Megapack goes up in flames at Australian battery site

30 Jul 2021