EU sanctions against cyber attacks from Russia and China

EU sanctions against cyber attacks from Russia and China
For the first time in its history, the European Council wanted to impose restrictive measures against six people (Gao Qiang, ZhangShilong, Alexey Valeryevich Minin, Aleksei Sergeyvich Morenets, Evgenii Mikhaylovich Serebriakov, Oleg Mikhaylovich Sotnikov) and three entities, accused of having took part in cyber attacks in which Europe was involved. The sanctions imposed include the freezing of assets in all cases, while for individuals it has also been forbidden to cross European borders. Furthermore, anyone within the EU is prohibited from making funds available to these entities who have shown that they want to work with interests opposite to those of the old continent.

WannaCry, NotPetya and Operation Cloud Hopper

There are three cases demonstrated and such as to lead to the respective sanctions: "WannaCry", "NotPetya" and "Operation Cloud Hopper". In all cases the sanctions are aimed in the direction of Russia, China and North Korea. The cases are all sadly known: WannaCry was a ransomware that in 2017 put pc in check all over the world and was immediately accused of North Korea; NotPetya is dated 2018, generated billions of dollars of damage in Ukraine and the link with Russian crackers was immediately clear; Operation Cloud Hopper in turn struck the whole world (including Europe) to steal valuable commercial information, with the credit in that case immediately recognized in the long hand of China.

The sanctions are the available options of the package of instruments of the diplomacy computer science of the EU to prevent, deter and combat information technology in tortious conduct against the EU or its member States, and today, for the first time, the EU has used that tool. The legal framework relating to the restrictive measures targeted against cyber attacks was adopted in may 2019 and has been recently renovated.

The decision of the Board is an important step because it opens the front between the european institutions and cybercrime, demonstrating that the EU is ready to fight this war in court, up to grip the weapon of sanction (albeit a limited one in terms of the impact within the EU borders).

All this takes place in the weeks in which the United States focus more on the finger against the enemy of china and the Vatican itself must deal with cyber attacks coming from the East. The EU takes a position by pointing the finger at individual people and individual entities, but the root of the national is the same as that already known in many other cases before, a demonstration of the tensions in this cyberguerra are high and the necessary investments in defence are fundamental.

The EU stops at the legal responsibilities

The European Council seems to want to cautiously distance itself from the geopolitical issue, using a phrase that drives away the responsibility of the individual to those of the respective states:

The restrictive measures targeted have a deterrent effect and deterrence, and should be distinguished from the attribution of responsibility to a third State.

Distinct, but not excluded. As if to say: we hit the beds through a legal procedure, leave policy, evaluate whether there may be additional responsibilities.

The EU maintains its commitment to a form of cyberspace is a global, open, stable, peaceful and secure, and reiterates, therefore, the need to strengthen international cooperation in order to promote the order, based on the rules in this area.

Source: European Council

No comments:

Powered by Blogger.