In order to ensure the highest quality of our services, we use small files called cookies. When using our website, the cookie files are downloaded onto your device. You can change the settings of your browser at any time. In addition, your use of our website is tantamount to your consent to the processing of your personal data provided by electronic means.
Back

EU imposes the first ever sanctions against cyber-attacks

31.07.2020

The Council today decided to impose restrictive measures against six individuals and three entities responsible for or involved in various cyber-attacks. These include the attempted cyber-attack against the OPCW (Organisation for the Prohibition of Chemical Weapons) and those publicly known as 'WannaCry', 'NotPetya', and 'Operation Cloud Hopper'.

MSZ

The sanctions imposed include a travel ban and an asset freeze. In addition, EU persons and entities are forbidden from making funds available to those listed.

Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool. The legal framework for targeted restrictive measures against cyber-attacks was adopted in May 2019 and recently renewed.

In recent years, the EU has scaled up its resilience and its ability to prevent, discourage, deter and respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.

In June 2017, the EU stepped up its response by establishing a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (the "cyber diplomacy toolbox"). The framework allows the EU and its member states to use all CFSP measures, including restrictive measures if necessary, to prevent, discourage, deter and respond to malicious cyber activities targeting the integrity and security of the EU and its member states.

Targeted restrictive measures have a deterrent and dissuasive effect and should be distinguished from attribution of responsibility to a third state.

The EU remains committed to a global, open, stable, peaceful and secure cyberspace and therefore reiterates the need to strengthen international cooperation in order to promote the rules-based order in this area.

This is a very important act showing that the perpetrators of cyber attacks can be identified and punished. The unanimous decision of the EU member states to apply restrictive measures is proof of the growing determination in the fight against cyber attacks that threaten the security of the Union.

For more information, please visit:

Declaration by the High Representative Josep Borrell on behalf of the EU: European Union response to promote international security and stability in cyberspace

Council implementing regulation concerning restrictive measures against cyber-attacks threatening the Union or its member states, 30 July 2020

 

Ministry of Foreign Affairs
Press Office

Photo / MFA