EU designates nine persons for malicious cyber-attacks threatening the EU or its Member States

White & Case LLPOn 30 July 2020, the EU designated the first individuals and entities under its 2019 sanctions framework targeting parties involved in cyber-attacks that undermine the EU’s integrity, security and economic competitiveness.

More than a year after the EU put in place a sanctions framework to designate parties involved in or facilitating planned or actual cyber-attacks that undermine the "EU's integrity, security and economic competitiveness, including increasing acts of cyber-enabled theft of intellectual property",1 the EU has designated nine persons.

Under this framework, which is country neutral, two Chinese and four Russian nationals have been designated, as well as the following entities:2

  • Tianjin Hyaying Haitai Science and Technology Development Co. Ltd (China)
  • Chosun Expo (North Korea); and
  • Main Centre for Special Technologies (GTsST) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU)

These nine persons have been listed for their role in an attempted cyber-attack to undermine the Organisation for the Prohibition of Chemical Weapons (OPCW, based in the Netherlands), cyber-activities including cyber-enabled theft of intellectual property (including those carried out by APT10), as well as the cyber-attacks publicly known as “WannaCry”, “NotPetya” and “Operation Cloud Hopper”.

As of 30 July 2020, they are subject to the EU asset freeze, meaning that all funds and economic resources belonging to or controlled by them and falling under EU jurisdiction (e.g., held by EU banks) must be frozen. Furthermore, parties falling under EU jurisdiction cannot make funds or economic resources available directly or indirectly to or for the benefit of these parties. The designated individuals are also subject to a travel ban.

1 See our alert of 20 May 2019.
2 See Council Decision (CFSP) 2020/1127 amending Council Decision (CFSP) 2019/797 concerning restrictive measures against cyber-attacks threatening the Union or its Member States and Council Implementing Regulation (EU) 2020/1125 implementing Council Regulation (EU) 2019/796 concerning restrictive measures against cyber-attacks threatening the Union or its Member States.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© White & Case LLP | Attorney Advertising

Written by:

White & Case LLP

White & Case LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.