On June 24, 2024, the Council of the European Union adopted Council Decision (CFSP) 2024/1779 and Council Implementing Regulation (EU) 2023/1778 to add six additional persons to the EU sanctions list for their alleged involvement in cyber-attacks against EU Member States that affected information systems related to critical infrastructure and state functions. The Council reported that this is the first time that restrictive measures have been taken against cybercriminals that used ransomware against essential services systems in the European Union.
The designations include Mikhael Tsarev and Maksim Galochkin, who allegedly played a critical role in the deployment of the Conti and Trickbot malwares that were used to target essential services, such as health and banking, in the European Union. The other designees are members of the Callisto group, which is comprised of Russian military intelligence officers who engaged in phishing campaigns in order to obtain sensitive defense-related information, and members of the Armageddon hacker group, a group supported by Russia’s Federal Security Service (“FSB”) that allegedly carried out various cyber-attacks that significantly affected the governments of EU Member States and Ukraine. All of the designations were imposed under the EU horizontal cyber sanctions regime, which subjects listed persons to asset freezes and travel bans in the European Union.
Council of the EU Press Release | Council Decision (CFSP) 2024/1778 | Council Implementing Regulation (EU) 2024/1778