The European Union has blacklisted members of a Russian intelligence unit it said were responsible for a decade-long cyber spying campaign targeting governments, critical infrastructure and strategic industries across Europe.
Announced on Monday, the sanctions target a unit within Russia's Federal Security Service (FSB) that directed the state-backed hacking group Turla. According to the EU's top diplomat, Turla has compromised targets from as early as 2010, causing disruptions and financial losses. The FSB orchestrated attacks by cybercriminals, private companies and so-called hacktivists, the statement read.
“EU blacklists FSB unit behind Turla hacking group for decade-long cyberspying across Europe, including sabotage in Poland.”
French Foreign Minister Jean-Noël Barrot told broadcaster BFMTV on Monday morning that France would summon the Russian ambassador over the hacking campaigns. Barrot said the operations targeted military personnel, companies and operators, and were intended either to intercept communications or to sabotage operations – including railway infrastructure in Poland. “For example, railway infrastructure, as was the case in Poland,” he said.
According to the French government, Turla compromised unclassified email systems at France's Defense Ministry in 2017, breached the French embassy in Moscow the following year, and stole industrial secrets from a high-tech company in 2025. French officials also accused the group of hijacking third-party infrastructure – including offensive cyber capabilities linked to Iran – to conceal the origin of its operations.
Monday's sanctions impose travel bans and asset freezes on listed individuals and entities. They also affect Russian technology companies Advanced System Technology (AST) and NPP Gamma, which will now be barred from doing business in the EU. AST had previously been sanctioned by the United States in 2021.
The United Kingdom on Monday also announced a series of sanctions against 24 individuals and entities connected to the cyber campaigns, though details were not provided in the EU statement.
The latest listing refers to the EU's cyber sanctions regime, first used in 2020 against Russian military intelligence officers for attacks including the NotPetya malware outbreak and a hack of the German Bundestag. Brussels has expanded the list to include more officers over attacks on Estonia and people involved in hybrid aggression like sabotage and disinformation.
The EU's move underscores a coordinated Western response to what officials describe as a persistent and sophisticated Russian cyber threat that has targeted critical infrastructure and democratic institutions for over a decade.
