HomeRisk ManagementsEU Imposes Sanctions on Three Russians Linked to 2020 Cyber-Attack in Estonia

EU Imposes Sanctions on Three Russians Linked to 2020 Cyber-Attack in Estonia

Published on

spot_img

The European Union has imposed sanctions on three Russian individuals for their involvement in a 2020 cyber espionage operation targeting Estonian government agencies. According to a document released on January 27, 2025, the Council of the EU took action against Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov. These individuals, identified as members of the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center, are accused of conducting cyber-attacks aimed at Estonia and gaining unauthorized access to sensitive information.

The Council of the EU stated that the trio breached several Estonian ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs, and stole classified documents containing business secrets, health records, and other critical information compromising the security of these institutions. Additionally, Unit 29155, to which the sanctioned individuals belong, has been linked to cyber-attacks against other EU member states and partners, notably Ukraine.

As a result of these sanctions, the assets of the sanctioned individuals in EU countries have been frozen, and they have been prohibited from traveling to the region. Furthermore, individuals and entities based in the EU are forbidden from providing funds to those listed under the sanctions.

Unit 29155, the Russian military intelligence unit to which the sanctioned individuals belong, is known for its involvement in cyber and kinetic operations aimed at destabilizing European countries. While the unit’s kinetic activities became public around 2019, experts believe it has been operational since at least 2008. Unit 29155 has been linked to various incidents, including the 2014 ammunition warehouse explosions in the Czech Republic and the attempted assassinations of individuals like Emilian Gebrev and former GRU Colonel Sergei Skripal.

The group’s cyber espionage and sabotage activities, known by various aliases like Cadet Blizzard, Ember Bear, Ruinous Ursa, and DEV-0586, have been ongoing since around 2020. Unit 29155 has orchestrated cyber sabotage campaigns targeting European countries, NATO member states, as well as countries in Latin America and Central Asia. Recently, their cyber activities seem to be focusing on Ukraine, with instances of deploying destructive malware like WhisperGate against Ukrainian entities.

The US, UK, and other governments jointly issued an advisory in 2024 linking WhisperGate with Unit 29155. The US State Department has even offered a reward of up to $10 million for information leading to the capture of alleged members of Unit 29155, including Korchagin and Denisov. The ongoing actions against these Russian individuals highlight the growing concern over cyber threats and the need for international cooperation to address such challenges effectively.

Source link

Latest articles

Progress Restores ShareFile Storage Access Following Security Warning

Progress Restores Access to ShareFile After Temporary Service Suspension Due to Security Threat Following a...

Why CISOs Should Implement Zero-Trust Security for IoT

Understanding IoT Security: The Role of Zero Trust in Safeguarding Connected Devices The Internet of...

Cybersecurity Requires Increased Prevention and Reduced Reliance on Cure

The Limits of a Detection-First Model As the cybersecurity landscape evolves, industry forums like the...

Researcher Discovers Ninth Windows Zero-Day Vulnerability

LegacyHive: An Emerging Local Privilege Escalation Vulnerability In a recent turn of events in the...

More like this

Progress Restores ShareFile Storage Access Following Security Warning

Progress Restores Access to ShareFile After Temporary Service Suspension Due to Security Threat Following a...

Why CISOs Should Implement Zero-Trust Security for IoT

Understanding IoT Security: The Role of Zero Trust in Safeguarding Connected Devices The Internet of...

Cybersecurity Requires Increased Prevention and Reduced Reliance on Cure

The Limits of a Detection-First Model As the cybersecurity landscape evolves, industry forums like the...