EU Sanctions Russians For Attacks On Estonia

Uploaded on 2025-02-03 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

The Council of the European Union has sanctioned three named Russians  - Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, who are all officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155.

The Council has decided that all three individuals are responsible for cyber attacks against computer systems with the intention of collecting data from the data systems of multiple institutions with an aim to gain insights into the cyber security policy of Estonia.

Together with Allies and partners, including the United States, Ukraine, Germany, Latvia, The Netherlands and the Czech Republic, a technical advisory has been published to warn against the malicious cyber operations of this group.

"The cyber-attacks granted attackers unauthorised access to classified information and sensitive data stored within several government ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs, leading to the theft of thousands of confidential documents," said the EU Council.

The breach included business secrets, health records, and other critical information that compromised the security of the affected institutions.

Unit 29155 was has been previously implicated by the US government and its allies in a string of cyber attacks aimed at government services, financial services, transportation systems, and healthcare and energy sectors of North Atlantic Treaty Organisation (NATO) members, the European Union, Central American, and Asian countries.

Since early 2022, the the GRU hacking unit  is assessed to have targeted and disrupted efforts to provide aid to Ukraine. 

 he threat activity cluster is also tracked by the cyber security community under the names Cadet Blizzard, Ember Bear, FROZENVISTA, Nodaria, Ruinous Ursa, UAC-0056, and UNC2589.

And Korchagin and Denisov have also been charged by the US Department of Justice (DoJ) for their alleged involvement in a conspiracy to commit computer intrusion and wire fraud conspiracy against targets in Ukraine, the US and 25 other NATO countries.

With the latest enforcement action, a total of 17 individuals and four entities are subject to asset freezes and travel bans, in addition to prohibiting EU persons and entities from transacting with those listed.

Recently, the Council also sanctioned 16 individuals and three entities, including GRU Unit 29155 and its commander Andrey Vladimirovich Averyanov, that it said were responsible for "Russia's destabilising actions abroad."

"Through coups, assassinations, bombings, and cyber attacks against other countries around the world in connection with the war in Ukraine, it has sought to create chaos and destabilise European Union countries," the Council said. "By carrying out such actions, it seeks to help and benefit Russia."

The Hacker News     |     Estonia Ministry of Foreign Affairs     |     Council of the European Union     |    

EU Neighbours East   Security Week     |     Bleeping Computer     |     Estonia Ministry for Foreign Affairs

Image: Ideogram

You Might Also Read: 

Latvia's Defence Ministry Targeted:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« CISOs Increase Crisis Simulation Budgets
US Nationals Indicted For Fraudulent Remote IT Work »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cloud Credential Council (CCC)

Cloud Credential Council (CCC)

The CCC is a leading provider of vendor-neutral certification programs that empower IT and business professionals in their digital transformation journey.

vArmour

vArmour

vArmour is the industry’s first distributed security system that provides insight and control for multi-cloud environments.

CybSafe

CybSafe

CybSafe is a cloud-based platform focussed on addressing the human component of cyber security - an intelligent approach to awareness training.

Sonda

Sonda

SONDA is the leading systems integrator and IT service provider in Latin America.

Sectra Communications

Sectra Communications

Sectra successfully develops and sells cutting-edge solutions in the expanding niche segments of medical IT and cybersecurity.

KnectIQ

KnectIQ

Building Trust Environments in a Zero-Trust World. KnectIQ offers KIQAssure, an Ultra High Security Solution for Data in Flight.

Cyvatar

Cyvatar

Cyvatar is a technology-enabled cyber security as a service (CSaaS) provider delivering smarter managed security to help you achieve compliance and security faster and more efficiently.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

West Midlands Cyber Resilience Centre (WMCRC)

West Midlands Cyber Resilience Centre (WMCRC)

The East Midlands Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Strata Identity

Strata Identity

Strata is pioneering identity orchestration to unify on-premises and cloud-based authentication and access systems for consistent identity management in multi-cloud environments.

Factmata

Factmata

Factmata is an social and news media monitoring and analytics product that uses AI to identify and track narratives online, highlighting those most likely to cause brand harm or misinform the public.

TokenEx

TokenEx

TokenEx Cloud Security Platform protects sensitive data to strengthen our clients' security postures while future-proofing their operations.

Fulcrum Technology Solutions

Fulcrum Technology Solutions

The Fulcrum team of technologists are recognized experts in the fields of IT Infrastructure Technology, Security, Service Management and Support.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions is a managed security service provider that humanizes cybersecurity managed services to the Small-to-Medium Business (SMB) and Small-to-Medium Enterprise (SME) sectors.

Aztek

Aztek

Aztek is one of the UK’s leading Managed Service Providers, providing customer-focused IT, Communication and Cyber Security solutions to help transform and grow your business.