IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

EU freezes assets in major crackdown against notorious cyber gangs

Six individuals and three organisations behind WannaCry, NotPetya and Cloud Hopper are being targeted by sanctions

The EU has issued sanctions against individuals and organisations associated with the world’s most notorious hacks for the first time, with the aim of restricting resources and deterring them from future attacks.

Individuals highlighted by a European Council legal document face asset freezes and travel bans as part of a package of measures that comprise a fightback against some of the most dangerous cyber threats facing European countries.

This is in addition to a ban on any other individuals or companies from conducting business with or providing funds to those mentioned in the report. So far six individuals and three organisations are listed.

Those included are said to be behind the devastating WannaCry, NotPetya and Operation Cloud Hopper campaigns.

“Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool,” the European Council said.

“In recent years, the EU has scaled up its resilience and its ability to prevent, discourage, deter and respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.”

The sanctions aim to deter cyber criminals from carrying out malicious campaigns, and follows the establishment of a framework in June 2017, giving EU member states the power to use such measures against organisations and individuals.

Gao Qiang and Zhang Shilong, as well as the Huaying Haitai Science and Technology Development Co Ltd, have been identified as being behind Operation Cloud Hopper which targeted businesses in December 2018.

IBM and HPE were reportedly among those targeted by the cyber campaign which mainly arose through a malware known as Quasar RAT, with the aim being to steal corporate secrets for competitive advantage. Huaying Haitai is charged with providing financial, technical or material support for Operation Cloud Hopper.

Related Resource

Remote worker cybersecurity best practices

Strategies and tips to follow, helping to secure your workforce

Download now

The special technologies branch of the GRU, the Russian armed forces, is also included in the report and has been implicated in several cyber attacks, including the NotPetya campaign. Individuals listed in the legal document, who are also members of the GRU, include Alexey Minin, Aleksei Morenets, Evgenii Serebriakov and Oleg Sotnikov.

These attacks rendered data inaccessible for a number of companies by targeting machines with ransomware in June 2017. The infamous attacks against the Ukrainian power grid in 2015 and 2016 were also as a result of NotPetya.

The WannaCry attack, which inadvertently devastated the NHS, was facilitated in-part by Chosun Expo, which provided financial, technical or material support to the hackers, according to the European Council.

The cyber crime outfit known as the Lazarus Group, or APT38, has been associated with the North Korean-linked Chosun Group by European officials.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation

How full-stack observability can accelerate IT innovation

3 May 2022