The European Union and the United Kingdom jointly sanctioned dozens of Russian individuals and entities and accused Russia of coordinating a network of hacking groups responsible for attacks across Europe.
Today, the Council of the European Union announced sanctions on nine individuals and four entities, including Russian military intelligence (GRU) officers and cybercriminals, while the UK separately sanctioned 24 individuals and entities, including senior GRU figures Vyacheslav Stafeyev, Ivan Senin, and Ivan Kasyanenko, whom officials say directed cyber and hybrid operations.
Britain also sanctioned members of the IMPULS company, accused of recruiting hackers from Russian universities, as well as individuals tied to the Lumma Stealer malware operation, which UK authorities linked to at least 2,100 domestic victims over six months. Ten people connected to media outlet Rybar LLC were also designated for spreading anti-Ukraine narratives and alleged election interference in Moldova and Armenia.
The Council of the EU also publicly identified the 16th Centre of Russia’s Federal Security Service (FSB) as controlling several cyber threat groups, including the notorious Turla hacking group.
Officials said the unit has spent years targeting government networks and critical infrastructure in France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania, and Finland, running cyberespionage campaigns against government and defense targets since 2010.
Turla hackers were also linked to a recent failed strike targeting Poland’s critical infrastructure, including energy grid organizations such as heat and power plants, which could have cut power to roughly 500,000 people during winter.
“Cybercriminals, self-proclaimed hacktivists and private companies linked to Russia, including actors operating under its instructions, direction or control, have also carried out, enabled and facilitated a wide range of malicious activities. We strongly condemn Russia’s behaviour and misuse of this cyber ecosystem, targeting public services and critical infrastructure, causing disruptions and financial losses,” the Council of the EU said.
“In response to malicious activities, the EU is also imposing restrictive measures on nine individuals and four entities. These EU sanctions include GRU intelligence officers, as well as cybercriminals, self-proclaimed hacktivists and private companies that contribute to Russia’s efforts to destabilise the EU, its member states and international partners.”
As BleepingComputer previously reported, a cyberattack in late December that hit dozens of entities in Poland’s power grid damaged key operational technology (OT) equipment beyond repair but failed to disrupt power. The incident was later attributed to the Russian state-backed hacking group Sandworm, which attempted to deploy the destructive DynoWiper data-wiping malware and disable compromised devices.
More recently, Poland also blocked a cyberattack targeting the IT infrastructure of the National Centre for Nuclear Research (NCBJ), the country’s main government nuclear research institute specializing in nuclear physics, reactor technology, and particle physics.
Today’s sanctions come on the heels of the European Commission’s January proposal for new cybersecurity legislation designed to strengthen defenses against cybercrime and state-backed threat groups targeting European critical infrastructure.
In March, the Council of the European Union also sanctioned three Chinese and Iranian companies for coordinating cyberattacks targeting EU member states’ critical infrastructure.
Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
US and allies warn of Russian critical infrastructure attacks
Russian hackers turn Kazuar backdoor into modular P2P botnet
UK charges suspects linked to Russian Coms call spoofing platform
Breach at the Beach: Play the Ultimate Entra ID CTF
New U-Boot flaws could enable stealthy firmware attacks
Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time
Australia warns of global campaign targeting vulnerable CMS platforms
‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets
How Mature Is Your AI Security Program? Take the Free AI Maturity Assessment.
#1 MSP Benchmark report 2026: Insights from 1,000+ MSPs on growth, security, artificial intelligence, and key 2026 trends.
Your Scanners Are Green. Your Pipeline Might Not Be. Here’s How to Close the Gap.
AI is a data-breach time bomb: Read the new report?utm_source=bleepingcomputer&utm_medium=referral&utm_campaign=bleepingcomputer_referral&utm_content=article
Overdue a password health-check? Audit your Active Directory for free
Terms of Use – Privacy Policy – Ethics Statement – Affiliate Disclosure
Read our posting guidelinese to learn what content is prohibited.



