EU and UK Sanction Russian Entities Over Coordinated Cyberattacks Across Europe
The European Union and the United Kingdom have jointly imposed sanctions on numerous Russian individuals and entities, accusing Russia of orchestrating a vast network of hacking groups. These groups are implicated in a series of malicious cyber operations targeting critical infrastructure and government networks across Europe, escalating international tensions over state-sponsored digital aggression.

In a coordinated effort to counter state-sponsored cyber threats, the **European Union** and the **United Kingdom** have announced extensive sanctions against Russian individuals and entities. Both blocs accuse Russia of directing a sophisticated ecosystem of hacking groups responsible for a barrage of cyberattacks across Europe.
### EU Imposes Sanctions on GRU Officers and Cybercriminals
Today, the **Council of the European Union** revealed sanctions on nine individuals and four entities. This list notably includes officers from Russian military intelligence (**GRU**) and various cybercriminals. Simultaneously, the UK independently sanctioned 24 individuals and entities, including senior GRU figures **Vyacheslav Stafeyev**, **Ivan Senin**, and **Ivan Kasyanenko**, who are alleged to have directed cyber and hybrid operations.
### UK Targets Recruiters and Malware Operations
Britain's sanctions extend to members of the **IMPULS** company, which is accused of recruiting hackers from Russian universities. Additionally, individuals linked to the **Lumma Stealer** malware operation were designated, with UK authorities connecting the malware to at least 2,100 domestic victims within six months. Ten individuals associated with the media outlet **Rybar LLC** were also sanctioned for spreading anti-Ukraine narratives and alleged election interference in Moldova and Armenia.
### FSB's 16th Centre and Turla Group Identified
The Council of the EU publicly identified the **16th Centre of Russia's Federal Security Service (FSB)** as the controlling entity behind several cyber threat groups, including the notorious **Turla** hacking group. This unit is reported to have targeted government networks and critical infrastructure in France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania, and Finland, conducting cyberespionage campaigns since 2010.
### Failed Attack on Polish Critical Infrastructure
Turla hackers were also linked to a recent unsuccessful strike against Poland's critical infrastructure, specifically energy grid organizations such as heat and power plants. Officials noted that this attack could have cut power to approximately 500,000 people during winter. The Council of the EU condemned Russia's behavior, stating, "Cybercriminals, self-proclaimed hacktivists and private companies linked to Russia, including actors operating under its instructions, direction or control, have also carried out, enabled and facilitated a wide range of malicious activities."
### Previous Attacks Attributed to Russian Groups
This incident follows a cyberattack in late December that impacted dozens of entities in Poland's power grid, damaging operational technology (**OT**) equipment. That incident was later attributed to the Russian state-backed hacking group **Sandworm**, which attempted to deploy the destructive **DynoWiper** data-wiping malware. More recently, Poland also successfully blocked a cyberattack targeting the IT infrastructure of the **National Centre for Nuclear Research (NCBJ)**.
### Broader European Cybersecurity Initiatives
These new sanctions arrive on the heels of the **European Commission's** January proposal for new cybersecurity legislation aimed at bolstering defenses against cybercrime and state-backed threat groups. In March, the Council of the European Union also sanctioned three Chinese and Iranian companies for coordinating cyberattacks targeting EU member states' critical infrastructure.