HomeRisk ManagementsEU Imposes Sanctions on Three Russians Linked to 2020 Cyber-Attack in Estonia

EU Imposes Sanctions on Three Russians Linked to 2020 Cyber-Attack in Estonia

Published on

spot_img

The European Union has imposed sanctions on three Russian individuals for their involvement in a 2020 cyber espionage operation targeting Estonian government agencies. According to a document released on January 27, 2025, the Council of the EU took action against Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov. These individuals, identified as members of the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center, are accused of conducting cyber-attacks aimed at Estonia and gaining unauthorized access to sensitive information.

The Council of the EU stated that the trio breached several Estonian ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs, and stole classified documents containing business secrets, health records, and other critical information compromising the security of these institutions. Additionally, Unit 29155, to which the sanctioned individuals belong, has been linked to cyber-attacks against other EU member states and partners, notably Ukraine.

As a result of these sanctions, the assets of the sanctioned individuals in EU countries have been frozen, and they have been prohibited from traveling to the region. Furthermore, individuals and entities based in the EU are forbidden from providing funds to those listed under the sanctions.

Unit 29155, the Russian military intelligence unit to which the sanctioned individuals belong, is known for its involvement in cyber and kinetic operations aimed at destabilizing European countries. While the unit’s kinetic activities became public around 2019, experts believe it has been operational since at least 2008. Unit 29155 has been linked to various incidents, including the 2014 ammunition warehouse explosions in the Czech Republic and the attempted assassinations of individuals like Emilian Gebrev and former GRU Colonel Sergei Skripal.

The group’s cyber espionage and sabotage activities, known by various aliases like Cadet Blizzard, Ember Bear, Ruinous Ursa, and DEV-0586, have been ongoing since around 2020. Unit 29155 has orchestrated cyber sabotage campaigns targeting European countries, NATO member states, as well as countries in Latin America and Central Asia. Recently, their cyber activities seem to be focusing on Ukraine, with instances of deploying destructive malware like WhisperGate against Ukrainian entities.

The US, UK, and other governments jointly issued an advisory in 2024 linking WhisperGate with Unit 29155. The US State Department has even offered a reward of up to $10 million for information leading to the capture of alleged members of Unit 29155, including Korchagin and Denisov. The ongoing actions against these Russian individuals highlight the growing concern over cyber threats and the need for international cooperation to address such challenges effectively.

Source link

Latest articles

Cyber Briefing – July 7, 2026: CyberMaterial

Cybersecurity Updates: Key Vulnerabilities and Industry Developments In a rapidly evolving digital landscape, cybersecurity remains...

Government Launches Cyber Resilience Pledge with Over 60 Signatories

The UK government has announced that over 60 businesses have officially joined a new...

SindriKit 1.3.0 Exploits Call Stack Spoofing to Evade EDR Detection

SindriKit 1.3.0: A Major Leap in Evasion Techniques Against EDR Systems The recent release of...

The Evolving Role of the CISO as the Future CFO

The Pressing Question of Cybersecurity Assurance: Is the CISO Role Sustainable? In the fast-evolving landscape...

More like this

Cyber Briefing – July 7, 2026: CyberMaterial

Cybersecurity Updates: Key Vulnerabilities and Industry Developments In a rapidly evolving digital landscape, cybersecurity remains...

Government Launches Cyber Resilience Pledge with Over 60 Signatories

The UK government has announced that over 60 businesses have officially joined a new...

SindriKit 1.3.0 Exploits Call Stack Spoofing to Evade EDR Detection

SindriKit 1.3.0: A Major Leap in Evasion Techniques Against EDR Systems The recent release of...