EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states.
The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU countries and partners.
“The Council adopted today restrictive measures against three entities and two individuals responsible for cyber-attacks carried out against EU member states and EU partners.” reads the press release.
The first sanctioned China-based company is Integrity Technology Group, which supported operations that compromised over 65,000 devices across six EU member states between 2022 and 2023. In January 2025, the U.S. Treasury sanctioned Integrity Tech for links to cyberattacks by China’s state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).
The China-linked APT group used Integrity Tech’s infrastructure to launch cyberattacks on European and U.S. networks since the summer of 2022. Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access.
The second sanctioned China-based firm is Anxun Information Technology, which provided hacking services targeting critical infrastructure. Two Chinese co-founders were sanctioned for directly participating in cyberattacks against EU member states. In March 2025, the U.S. sanctioned Anxun Information Technology (i-Soon) for offering hacker-for-hire services and conducting cyberattacks since 2011. A 2024 data leak exposed its internal operations and tools.
The sanctioned company is the Iranian firm Emennet Pasargad, which breached a French subscriber database and tried to sell the data online. It also spread disinformation by hacking advertising billboards during the Paris 2024 Olympic Games and disrupted a Swedish SMS service, affecting many EU citizens.
Those sanctioned face asset freezes, while EU citizens and companies are banned from providing them funds or resources. Individuals are also subject to travel bans within the EU. With these additions, the EU cyber sanctions regime now covers 19 individuals and 7 entities.
“The move highlights the EU’s commitment to responding firmly to ongoing cyber threats and working with international partners to ensure a secure and stable cyberspace.
“Today’s decision confirms EU’s and its member states’ willingness to provide a strong and sustained response to persistent malicious cyber activities targeting the EU, its member states and partners.” concludes the press release. “The EU and its member states will continue to cooperate with our international partners to promote an open, free, stable and secure cyberspace.”
The EU created its “cyber diplomacy toolbox” in 2017 to prevent and respond to cyber threats using diplomatic and restrictive measures. In 2019, it added a sanctions framework to target cyberattacks posing external threats to the EU and its members.
(SecurityAffairs – hacking, EU critical infrastructure)
Source: SecurityAffairs
Source Link: https://securityaffairs.com/189585/security/eu-sanctions-chinese-and-iranian-actors-over-cyberattacks-on-critical-infrastructure.html