EU sanctions additional six over cyber attacks on EU countries, Ukraine

European Union foreign ministers approved on June 24 additional restrictive measures against six persons involved in cyber-attacks affecting information systems relating to critical infrastructure, critical state functions, the storage or processing of classified information and government emergency response teams in EU member states, a statement by the Council of the EU said.

For the first time, restrictive measures are being taken against cybercriminal actors that use ransomware campaigns against essential services, such as health and banking, the statement said.

The new listings include two members of the “Callisto group”, Ruslan Peretyatko and Andrey Korinets.

The “Callisto group” is a group of Russian military intelligence officers conducting cyber operations against EU member states and third countries through sustained phishing campaigns intended to steal sensitive data in critical state functions, including defence and external relations.

The EU also targeted Oleksandr Sklianko and Mykola Chernykh of the “Armageddon hacker group”, a group supported by the Federal Security Service (FSB) of the Russian Federation that carried out various cyber-attacks with a significant impact on the governments of EU member states and Ukraine, including by using phishing emails and malware campaigns.

Mikhail Tsarev and Maksim Galochkin, key players in the deployment of the malwares “Conti” and “Trickbot” and involved in “Wizard Spider”, are also sanctioned.

Trickbot is a malicious spyware program, created and developed by the threat group “Wizard Spider”, which has conducted ransomware campaigns in a variety of sectors, including essential services such as health and banking, and is therefore responsible for significant economic damage in the EU, the statement said.

The EU horizontal cyber sanctions regime currently applies to 14 individuals and four entities, and includes an asset freeze and a travel ban. Additionally, EU persons and entities are forbidden from making funds available to those listed.

“With these new listings, the EU and its member states reaffirm their willingness to step up efforts to provide a stronger and more sustained response to persistent malicious cyber activities targeting the EU, its member states and partners,” the Council of the EU said.

“This is in line with joint efforts with our international partners, such as the UK and the US, to disrupt and respond to cyber crime. The EU remains committed to a global, open, and secure cyberspace and, reiterate the need to strengthen international cooperation to promote the rules-based order in this area.”

The relevant legal acts have been published in the Official Journal of the European Union, the statement said.

(Photo: Ilker/

Please support The Sofia Globe’s independent journalism by becoming a subscriber to our page on Patreon:

Become a Patron!

The Sofia Globe staff

The Sofia Globe - the Sofia-based fully independent English-language news and features website, covering Bulgaria, the Balkans and the EU. Sign up to subscribe to's daily bulletin through the form on our homepage.