The Netherlands has arranged for the European Council of Foreign Ministers to put six Russian hackers on the EU sanctions list. These often notorious hackers are allegedly responsible for far-reaching cyber attacks that have caused widespread damage in the EU, including at banks and in the healthcare sector.
The attacks carried out by the six Russian hackers within the EU were mainly hacks at banks and ransomware attacks on the healthcare sector. In addition, the cybercriminals allegedly engaged in attacks on “critical state functions,” the storage or processing of classified information and emergency services in EU member states.
Hacker groups Callisto, Armageddon and Wizard Spider
More specifically, this involves two infamous Callisto hacker group members, Ruslan Peretyatko and Andrey Korinets. Callisto is a group of military intelligence officers who conduct cyber operations against the EU and other countries. These include sophisticated phishing campaigns to steal sensitive information from government organizations.
The four other scanned Russian cybercriminals are Oleksandr Sklianko and Mykola Chernykh of the Armageddon hacker gang, supported by Russia’s FSB state security service. Mikhail Tsarev and Maksim Galochkin, key players in the rollout of the Conti ransomware and Trickbot malware, are also on the sanctions list. The latter cybercriminals are also active in the hacker gang Wizard Spider.
Unique Dutch cooperation
The Netherlands ultimately got these six Russian hackers on the European sanctions list. The Ministry of Foreign Affairs indicates in a news release that this involved unique cooperation between Foreign Affairs, the Ministry of Justice and Security (J&V), the Public Prosecution Service (OM) and the Police. The Netherlands hopes that this approach will also encourage other member states to embrace this approach.
The sanctions these individuals now face include a freeze on their financial assets held in the EU and an entry ban. European individuals and companies/organizations are also prohibited from supporting these individuals with financial funds.
Expansion of sanctions policy desirable
Since 2019, sanctions can only be imposed on individuals and/or entities for cybercrime against EU member states. This has now happened 14 times for individuals and four times for entities. Those sanctioned are all from Russia, China, and North Korea.
The Netherlands wants these European sanctions to apply to individuals and entities, as is currently the case, and against individual countries. This would allow the EU to act more effectively against states exhibiting malicious cyber behavior. Currently, in cooperation with other member states, the Netherlands is investigating the possibilities of strengthening the EU cyber sanctions policy in the latter area.
Also read: Russian hackers stole emails between Microsoft and U.S. government