EU targets Russian intelligence officers accused of running a yearslong cyber spying campaign

BRUSSELS – In a significant escalation of tensions between Brussels and Moscow, the European Union rolled out punitive sanctions Monday against Russian military intelligence officials, cyber hackers and private entities, formally condemning what bloc leaders describe as a years-long pattern of state-aligned cyber espionage designed to destabilize the 27-nation union.

The sanctions regime targets a total of nine individuals and four organizations that the EU links to a sophisticated cross-border online spying network. According to official documents, this network has carried out targeted attacks against government institutions and conducted sabotage operations against European critical infrastructure – including heating facilities and power stations – dating back to 2010. In a public statement, the European Council emphasized that all sanctioned parties directly “contribute to Russia’s efforts to destabilize the EU, its member states and international partners.” Evidence confirms these malicious cyber activities have been executed in at least nine EU member states, with France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania and Finland explicitly named as targeted nations.

Notably, the European Council’s public announcement did not release the full identities of the sanctioned individuals and entities, a departure from standard public sanctions documentation in many previous cases.

France, one of the nations most impacted by the alleged cyber activities, has announced additional diplomatic action in response. French Foreign Minister Jean-Noël Barrot told BFM Television that Paris will summon Russia’s ambassador to France in the coming days to address the incidents. Barrot outlined the dual harmful goals of the Russian campaign: exfiltrating sensitive confidential information, and carrying out disruptive sabotage of key public infrastructure. He referenced a prior attack on Polish railway networks as a clear example of the sabotage campaign’s real-world impact.

At the center of the EU’s punitive measures is the 16th Center of Russia’s Federal Security Service (FSB), Russia’s main domestic intelligence and security agency. The EU’s official designation confirms the unit has maintained direct control over a range of cyber threat groups operating across Europe, and has overseen a steady expansion in the scope and severity of malicious cyber operations against the bloc.

This latest action builds on growing international alarm over Russian state-aligned cyber activity across Europe. Multiple nations have previously publicly accused Russia of leveraging cyberattacks and disinformation campaigns to interfere in sovereign democratic election processes. Most recently, in April, Swedish officials confirmed that a pro-Russian hacking group with ties to Russian intelligence services was responsible for a cyberattack on a Swedish heating facility in 2023. That announcement followed repeated public warnings from security officials in Poland, Norway, Denmark and Latvia, who have all documented increasing Russian cyber incursions against critical national infrastructure across the continent.