EU sanctions three Russian intelligence officers for cyberattacks on Estonia

EU sanctions three Russian intelligence officers for cyberattacks on Estonia

The European Union has imposed sanctions on three Russian nationals in response to their involvement in a series of cyberattacks against the Republic of Estonia in 2020. The sanctions are part of the EU's ongoing efforts to combat foreign cyber threats and protect European security.

The individuals, Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are all identified as officers in the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155. This covert military unit has been linked to a range of destabilizing activities, including cyberattacks, assassinations, and bombings across Europe, and has been active in several conflicts, notably in Ukraine, Western Europe, and Africa.

In 2020, the trio played key roles in a sophisticated cyberattack that targeted various Estonian government ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs. During the attack the intruders gained access to highly sensitive government data, and stole thousands of confidential documents, including business secrets, health records, and other vital information that compromised the security of the affected institutions.

The EU has described Unit 29155 as a “covert and highly disruptive” force, responsible for destabilizing activities not just in Estonia but also in other EU member states and partner nations. The unit's cyber operations have extended to multiple targets, including Ukraine, and the latest sanctions seek to hold those responsible accountable for their role in these breaches of international law.

The new sanctions package, adopted under the EU's horizontal cyber sanctions regime, includes asset freezes, travel bans, and a prohibition on EU individuals and entities from making funds available to those listed.

The European Union first imposed sanctions against GRU Unit 29155 last year as part of a broader package aimed at countering Russia's destabilizing actions.

Back to the list

Latest Posts

Cyber Security Week in Review: February 14, 2025

Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more.
14 February 2025
Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

The 'BadPilot' campaign involves a series of targeted cyberattacks leveraging bugs in widely used IT infrastructure software.
13 February 2025
Four key distributors of encrypted communications service Sky ECC arrested in Spain and Netherlands

Four key distributors of encrypted communications service Sky ECC arrested in Spain and Netherlands

The two men arrested in Spain are accused of overseeing the global distribution of Sky ECC devices and software.
12 February 2025