EU puts new sanctions on Russia for German parliament hacking attack

Brussels (dpa) – The European Union on Thursday imposed new sanctions on Russia in response to a massive hacking attack on the German parliament in 2015.

The travel ban and asset freezes target two individuals and a military unit blamed for the cyberattacks, according to a decision paper published in the Official Journal of the European Union.

The individuals are the head of the Main Directorate of the General Staff of the Russian Armed Forces and one of the alleged hackers, it said.

The entity targeted is the part of Russia’s GRU military intelligence agency known as “unit 26165” or more commonly “Fancy Bear.”

According to various media reports, federal investigators hold the GRU responsible for the attack on Germany’s parliament in April and May 2015.

Many computers in lawmakers’ offices were infected with spyware, including ones in Chancellor Angela Merkel’s office. The parliament’s entire IT system had to be overhauled.

A significant amount of data was also stolen.

Referring to the results of the German federal prosecutor’s investigation into the attack, Merkel had long ago spoken of “hard evidence” of Russian involvement, calling it “outrageous” at the time.

The Berlin government also initiated the process that led to Thursday’s punitive measures from Brussels.

Russia warned in July of a deterioration in relations between Berlin and Moscow if there were to be sanctions due to the hacker attack.

The German government’s initiative for “cyber sanctions” by the EU against Russia was “bad news” for Russian-German relations, Deputy Foreign Minister Vladimir Titov said at the time. Such sanctions could also affect international cooperation on information security.

Despite requests, no evidence has been presented to Russia that its citizens were involved in the hacking attack in May 2015, he said, stressing that without evidence of Russia’s guilt, the allegations are baseless.

The EU justified the sanctions on Igor Kostyukov, the head of the General Directorate of the General Staff of the Russian Armed Forces, on the grounds that he is in command of the 85th Main Special Services Centre (GTsSS), which is accused of participating in the cyberattack on the German Bundestag.

Kostyukov was sanctioned because in his capacity he “is responsible for cyberattacks carried out by the GTsSS, including those with a significant effect constituting an external threat to the Union or its Member States,” it says in the Official Journal of the EU.

It is also believed to have been involved in the attempted cyberattack on the Organization for the Prohibition of Chemical Weapons (OPCW) in April 2018.

According to the EU Official Journal, the hacker concerned is a 30-year-old man by the name of Dmitry Badin. He is said to have been involved in the attack as a military intelligence officer.

It is unlikely that punitive measures such as entry bans will really hurt those affected. In the EU, however, it is hoped that they will send a message to the government in Moscow that the EU will no longer put up with attacks of this kind.

Also because of the poison attack on the leading Russian dissident Alexei Navalny, the EU recently imposed sanctions on suspects close to President Vladimir Putin.