Exposing Russia's malicious cyber ecosystem: the EU adopts its biggest cyber sanctions package

On 13 July 2026, the European Union exposed Russia's malicious cyber ecosystem and adopted new restrictive measures targeting those responsible for malicious cyber activities in support of Russia's strategic objectives.

 

 

The High Representative issued a statement on behalf of the European Union exposing Russia's malicious cyber ecosystem—including the role of the Russian state and its network of proxies—and announcing the EU's largest cyber sanctions package to date, targeting individuals and entities responsible for carrying out, enabling or facilitating malicious cyber activities in support of Russia's strategic objectives.

We strongly condemn Russia’s behaviour and misuse of this cyber ecosystem, targeting public services and critical infrastructure, causing disruptions and financial losses.

EU High Representative, Kaja Kallas

Today's action marks a significant step in the EU's response to Russia's malicious cyber activities. By exposing and targeting Russia's entire malicious cyber ecosystem, a network of state actors, proxies and enablers that support Russia’s objective to destabilise the EU, its Member States and international partners, the EU is significantly raising the costs of Russia's malicious behaviour. Today, the EU publicly holds the 16th Centre of Russia's Federal Security Service (FSB) responsible for a wide range of malicious cyber operations against EU Member States and partner countries. These activities have included cyber espionage and sabotage of critical infrastructure.

In addition to exposing the role of Russia's intelligence services, the EU is also responding to the broader threat posed by Russia's cyber ecosystem, targeting the network of cybercriminals, hacktivists and private companies operating under Russia's instruction, direction or control, or in support of its strategic objectives.

Alongside this coordinated attribution, the Council imposed restrictive measures on nine individuals and four entities linked to Russia's cyber ecosystem, including intelligence officers, cybercriminals, hacktivists and companies enabling malicious cyber activities. These measures raise the costs of Russia's malicious cyber activities, disrupt the ecosystem that enables it and ensure those responsible are held accountable.

For the first time, these cyber sanctions were adopted in parallel with the United Kingdom under our respective cyber sanctions regimes, demonstrating our shared commitment to holding Russia and its cyber ecosystem accountable.

The EU will continue to strengthen its cooperation with international partners in support of a global, free, open, stable and secure cyberspace.

These actions are taken in the framework of the EU's Cyber Diplomacy Toolbox, which allows the European Union and its Member States to respond collectively to malicious cyber activities through diplomatic actions, including coordinated attribution and targeted sanctions.

 

The EU Cyber Diplomacy Toolbox explained

 

Remote video URL

 

More info

Cyber / Russia: Statement by the High Representative on behalf of the European Union denouncing Russia’s malicious cyber ecosystem targeting the EU, its member states and international partners

Russian cyber-attacks and destabilising activities: Council sanctions nine individuals and four entities

Follow the link to learn more from the EEAS about EU Sanctions & sanctions policy

Follow the link to learn more about the EU’s policies to tackle cybersecurity threats on the EEAS Cybersecurity page