Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in
    Computing

    Chinese and Russian hackers were just sanctioned by Europe for the first time

    EU officials imposed restrictions for ransomware and corporate espionage.

    July 30, 2020
    The European Council took unprecedented steps on Thursday.
    The European Council took unprecedented steps on Thursday.Tauno Tõhk (CC BY 2.0)

    The European Union imposed its first-ever sanctions for cyberattacks on Thursday, targeting Russian, Chinese, and North Korean groups connected to several major hacking incidents.

    The action, which includes travel bans and asset freezes on individuals and organizations connected to ransomware and industrial espionage, follow earlier sanctions put in place by the United States.

    Retaliation for Russian attacks: The most prominent target of EU action is unit 74455 of Russia’s GRU military intelligence service, a group known as Sandworm. It is linked to the NotPetya ransomware attacks, which experts say began as a political attack against Ukraine but then quickly spread across the world and caused over $10 billion in damage. The group is also linked to hacking and turning off the Ukrainian power grid during the winters of 2015 and 2016. The sanctions also targeted four Russian spies linked to a cyberattack on the Organization for the Prohibition of Chemical Weapons, which investigates the use of chemical weapons in Syria.

    China’s corporate espionage: In China, two citizens and a company, Haitai Technology Development, were sanctioned in connection with a hacking campaign known as Cloudhopper. The lengthy and sophisticated operation, carried out on behalf of Chinese intelligence services, targeted corporate secrets across six continents and is one of the most expansive espionage operations ever spotted.

    North Korea’s worm: The North Korean firm Chosun Expo was sanctioned because of its role  supporting WannaCry , the 2017 ransomware outbreak that ripped through IT systems across the globe. The incident famously struck the United Kingdom’s National Health Service and brought down entire hospitals. 

    “NotPetya and WannaCry were two of the most devastating cyberattacks in history, causing billions of dollars in damage and disrupting many vital systems,” says John Hultquist of the American cybersecurity firm FireEye. “At least one victim of NotPetya has claimed $1.3 billion in damage.”

    The Russian, Chinese, and North Korean governments have repeatedly denied involvement in cyberattacks.

    Deep Dive

    Computing

    How Rust went from a side project to the world’s most-loved programming language

    For decades, coders wrote critical systems in C and C++. Now they turn to Rust.

    Welcome to the oldest part of the metaverse

    Ultima Online, which just turned 25, offers a lesson in the challenges of building virtual worlds.

    A new paradigm for managing data

    Open data lakehouse architectures speed insights and deliver self-service analytics capabilities.

    Three ways networking services simplify network management

    The right networking services orchestrate note-perfect network performance.

    Stay connected

    Illustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.