Trending

EU Imposes Sanctions on Chinese and Iranian Entities Over Cyber Attacks

The CyberSignal

The CyberSignal

2 min read
A glowing European Union shield and stars centered on a world map, with blue light beams intercepting incoming red cyberattack warning icons from across the globe.

The European Union has imposed sanctions on three companies and two individuals accused of carrying out cyber attacks targeting EU member states and partner countries, the Council of the European Union announced on Monday.

The restrictive measures were adopted under the EU’s cyber sanctions framework, which allows the bloc to respond to malicious cyber activities that threaten its security or that of its member states. The sanctions include asset freezes and travel bans within the European Union.

Companies Accused of Supporting Cyber Operations

According to the Council, the sanctioned entities include Integrity Technology Group and Anxun Information Technology, both based in China, as well as the Iranian company Emennet Pasargad.

EU officials said Integrity Technology Group had routinely provided products used to compromise digital devices across Europe and other regions. The Council stated that between 2022 and 2023 more than 65,000 devices were hacked across six EU member states with technical and material support linked to the company.

Minimalist infographic showing a red hacker icon launching an attack across a globe toward blue government and infrastructure icons protected by a shield.

Anxun Information Technology, also known in some cybersecurity reporting as a provider of hacking services, was accused of targeting critical infrastructure and other key functions of EU member states and third countries.

The third entity listed, Emennet Pasargad, is an Iranian firm that has previously been linked by Western governments to influence operations and cyber activities.

Two Individuals Also Sanctioned

The EU also sanctioned two Chinese individuals identified as co-founders of Anxun Information Technology, saying they were responsible for or involved in cyber attacks affecting EU member states.

Under the sanctions regime, individuals listed by the EU are subject to asset freezes and travel bans, and EU citizens and companies are prohibited from providing funds or economic resources to them.

Part of EU Cyber Diplomacy Measures

The measures were implemented under the EU’s “cyber diplomacy toolbox,” a framework established in 2017 that allows the bloc to coordinate diplomatic responses to malicious cyber activities.

In 2019, the EU created a formal sanctions regime enabling it to impose targeted restrictive measures against individuals or organizations responsible for cyber attacks that pose a threat to the European Union or its member states.

The sanctions announced Monday were adopted through amendments to the EU’s cyber sanctions legislation, including Council Decision (CFSP) 2026/588 and Implementing Regulation (EU) 2026/589.

Growing Concern Over State-Linked Cyber Activity

EU officials say the sanctions reflect increasing concern about state-linked cyber operations targeting critical infrastructure, government systems, and strategic industries.

Cybersecurity analysts have warned that state-sponsored groups increasingly use cyber operations for espionage, disruption, and influence campaigns, often targeting government institutions and infrastructure networks.

By imposing sanctions, the EU aims to deter malicious cyber activities and signal that cyber attacks against its institutions and member states will carry political and economic consequences.

The bloc has used similar sanctions in recent years against individuals and organizations accused of involvement in cyber operations attributed to various state-backed threat groups.

As geopolitical tensions and cyber capabilities continue to evolve, European officials say the cyber sanctions regime will remain a key tool for responding to digital threats against the EU and its partners.

Read more