EU sanctions hackers from China, Russia, North Korea who’re wanted by the FBI

The Council of the European Union has imposed its first-ever
sanctions against persons or entities involved in various
cyber-attacks targeting European citizens, and its member states.

The directive has been issued against six individuals and three
entities responsible for or involved in various cyber-attacks, out
of which some publicly known are ‘WannaCry^[1]‘, ‘NotPetya^[2]‘, and ‘Operation Cloud
Hopper^[3],’ as well as an
attempted cyber-attack against the organization for the prohibition
of chemical weapons.

Out of the six individuals sanctioned by the EU include two
Chinese citizens and four Russian nationals. The companies involved
in carrying out cyberattacks include an export firm based in North
Korea, and technology companies from China and Russia.

The sanctions
imposed include a ban on persons traveling to any EU countries
and a freeze of assets on persons and entities.
^[4]

Besides this, EU citizens and entities are also forbidden from
doing any business or engaging in transactions with those on the
sanction list.

According to the European Council, the detailed of these persons
or entities are:

• Two Chinese Individuals—Gao Qiang and Zhang Shilong—and
  a technology firm, named Tianjin Huaying Haitai Science and
  Technology Development Co. Ltd, for the Operation Cloud
  Hopper.

The US government has
also charged Shilong^[5]
in 2018 for targeting over 45 companies and government agencies and
stealing hundreds of gigabytes of sensitive data from its targets,
but the suspect is still at large.

Operation Cloud Hopper was a series of cyber-attacks targeting
information systems of multinational companies in six continents,
including those located in the EU, and gaining unauthorized access
to commercially sensitive data, resulting in economic loss.

• Four Russian nationals (also wanted by the FBI) —
  Alexey
  Valeryevich^[6], Aleksei
  Sergeyvich^[7], Evgenii
  Mikhaylovich^[8], and Oleg
  Mikhaylovich^[9]—for attempting to target
  the Organisation for the Prohibition of Chemical Weapons (OPCW), in
  the Netherlands.
• A Russian technology firm (exposed by the
  NSA^[10]) — Main Centre for
  Special Technologies (GTsST) of the Main Directorate of the General
  Staff of the Armed Forces of the Russian Federation—for the
  NotPetya ransomware attack in 2017 and the cyber-attacks directed
  at a Ukrainian power grid in the winter of 2015 and 2016.
• A North Korean export firm — Chosun
  Expo^[11], for the WannaCry
  ransomware attack^[12] that made havoc by
  disrupting information systems worldwide in 2017 and linked to the
  well-known Lazarus
  group^[13].

According to the European Union, the two Chinese nationals who
carried out Operation Cloud Hopper are members of the APT10 threat
actor group, also known as ‘Red Apollo,’ ‘Stone Panda,’ ‘MenuPass’
and ‘Potassium.’
On the other hand, the four Russian nationals were agents of the
Russian intelligence agency GRU who once aimed to hack into the
Wi-Fi network of the OPCW, which, if successful, would have allowed
them to compromise the OPCW’s ongoing investigatory work.

“Sanctions are one of the options available in the EU’s cyber
diplomacy toolbox to prevent, deter and respond to malicious cyber
activities directed against the EU or its member states, and today
is the first time the EU has used this tool,” the Council said.

Last year, the United States also sanctioned the
Lazarus group, also known as Hidden Cobra
and Guardians of Peace, which has also been associated with several
high-profile cyberattacks, including Sony Pictures hack
in 2014 and Bangladesh Bank
heist in 2016.
^{[14][15][16][17]}