EU Sanctions Russians For Attacks On Estonia

Uploaded on 2025-02-03 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

The Council of the European Union has sanctioned three named Russians  - Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, who are all officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155.

The Council has decided that all three individuals are responsible for cyber attacks against computer systems with the intention of collecting data from the data systems of multiple institutions with an aim to gain insights into the cyber security policy of Estonia.

Together with Allies and partners, including the United States, Ukraine, Germany, Latvia, The Netherlands and the Czech Republic, a technical advisory has been published to warn against the malicious cyber operations of this group.

"The cyber-attacks granted attackers unauthorised access to classified information and sensitive data stored within several government ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs, leading to the theft of thousands of confidential documents," said the EU Council.

The breach included business secrets, health records, and other critical information that compromised the security of the affected institutions.

Unit 29155 was has been previously implicated by the US government and its allies in a string of cyber attacks aimed at government services, financial services, transportation systems, and healthcare and energy sectors of North Atlantic Treaty Organisation (NATO) members, the European Union, Central American, and Asian countries.

Since early 2022, the the GRU hacking unit  is assessed to have targeted and disrupted efforts to provide aid to Ukraine. 

 he threat activity cluster is also tracked by the cyber security community under the names Cadet Blizzard, Ember Bear, FROZENVISTA, Nodaria, Ruinous Ursa, UAC-0056, and UNC2589.

And Korchagin and Denisov have also been charged by the US Department of Justice (DoJ) for their alleged involvement in a conspiracy to commit computer intrusion and wire fraud conspiracy against targets in Ukraine, the US and 25 other NATO countries.

With the latest enforcement action, a total of 17 individuals and four entities are subject to asset freezes and travel bans, in addition to prohibiting EU persons and entities from transacting with those listed.

Recently, the Council also sanctioned 16 individuals and three entities, including GRU Unit 29155 and its commander Andrey Vladimirovich Averyanov, that it said were responsible for "Russia's destabilising actions abroad."

"Through coups, assassinations, bombings, and cyber attacks against other countries around the world in connection with the war in Ukraine, it has sought to create chaos and destabilise European Union countries," the Council said. "By carrying out such actions, it seeks to help and benefit Russia."

The Hacker News     |     Estonia Ministry of Foreign Affairs     |     Council of the European Union     |    

EU Neighbours East   Security Week     |     Bleeping Computer     |     Estonia Ministry for Foreign Affairs

Image: Ideogram

You Might Also Read: 

Latvia's Defence Ministry Targeted:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« CISOs Increase Crisis Simulation Budgets
US Nationals Indicted For Fraudulent Remote IT Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TitanFile

TitanFile

TitanFile is an award-winning, easy and secure way for professionals to communicate without having to worry about security and privacy.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

ecsec

ecsec

ecsec is a specialized vendor of security solutions including information security management, smart card technology, identity management, cloud computing and electronic signature technology.

Sonda

Sonda

SONDA is the leading systems integrator and IT service provider in Latin America.

EUROCONTROL

EUROCONTROL

EUROCONTROL is a pan-European, civil-military organisation dedicated to supporting European aviation. We help our stakeholders protect themselves against cyber threats.

Tokio Marine HCC

Tokio Marine HCC

Tokio Marine HCC is a leading specialty insurance group with a Financial and Professional product line including Tech and Cyber.

Ampyx Cyber

Ampyx Cyber

Ampyx Cyber (formerly Ampere Industrial Security) is an industrial security firm. We specialize in industrial control systems (ICS) and operational technology (OT) security.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

Lucata

Lucata

Lucata solutions support groundbreaking graph analytics and improved machine learning for organizations in financial services, cybersecurity, healthcare, pharmaceuticals, telecommunications and more.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

Knowit

Knowit

Knowit support customers in the digital transformation, simplify people’s everyday lives and create secure and innovative solutions enabling a sustainable future.

Diverto

Diverto

Diverto is a company that provides a high level of information security to companies, institutions and other organisations in an information-centric world.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

SafeAeon

SafeAeon

SafeAeon is a leading Cybersecurity-as-a-Service provider, offering 24x7 premium Managed Security Services with AI-powered and Human-driven 24x7 SOC.

EyBrids

EyBrids

As a forward-thinking cybersecurity consulting firm, we believe that robust security is the foundation for innovation and growth in today’s digital landscape.