Politics July 13, 2026 04:52 AM

UK and EU Coordinate First Joint Cyber Sanctions Targeting Russian Networks

Twenty-four individuals and entities sanctioned for cyber operations, election interference and spreading anti-Ukraine narratives across Europe

By Ajmal Hussain
Share
Twitter Reddit Facebook LinkedIn

The United Kingdom announced sanctions on 24 people and organisations tied to cyber-attacks, election meddling and disinformation aligned with Russian state interests. The package is the first coordinated UK and EU action specifically focused on cyber-enabled operations and targets senior GRU figures, FSB-linked actors, cybercriminal tools and a media outlet accused of spreading false narratives.

UK and EU Coordinate First Joint Cyber Sanctions Targeting Russian Networks
Summarize with
ChatGPT Perplexity Claude Grok Gemini

Key Points

  • UK announced sanctions on 24 individuals and entities for cyber-attacks, election interference and spreading anti-Ukraine narratives.
  • Three senior GRU leaders were sanctioned, and GRU Unit 29155 is accused of recruiting hackers via cybercriminal partners such as IMPULS.
  • Sanctions also target operators of Lumma Stealer and 10 individuals linked to Rybar LLC; UK has sanctioned over 3,400 Russia-linked targets.

The United Kingdom imposed sanctions on 24 individuals and entities on Monday, accusing them of involvement in cyber-attacks, election interference and the dissemination of anti-Ukraine narratives across European countries.

Officials described the measures as the first joint cyber sanctions action coordinated between the UK and European Union member states. The list focuses on Russian state actors and cybercriminal networks that are said to have links to Russian Intelligence Services.

Among those sanctioned are three senior figures in the GRU leadership identified as Vyacheslav Stafeyev, Ivan Senin and Ivan Kasyanenko. The UK says these officials directed GRU cyber and hybrid threat operations.

Authorities also pointed to activity by the GRU Unit 29155 cyber division, which reportedly collaborated with cybercriminal actors, including the company IMPULS, to recruit hackers and cyber specialists from Russian universities and academies.

In a coordinated attribution, UK and EU officials linked an attempted cyber-attack on Poland’s energy grid to Russia’s FSB Centre 16. The operation failed, but officials warned it had the potential to leave as many as 500,000 people without electricity during winter.

"These sanctions strike at the core of the cybercriminal networks propping up the Russian state’s aggression, and the UK and EU are sending a clear message that Russia cannot hide behind its use of these proxy groups."

The sanction package also names individuals associated with the Lumma Stealer malware. Authorities say the tool enables cybercriminals to harvest sensitive information from compromised devices, and that stolen credentials from Lumma Stealer have been used by Russia to carry out cyber espionage against targets around the world. The National Crime Agency reported at least 2,100 victims of Lumma Stealer in the UK within the last six months.

Separately, the measures include sanctions on 10 people connected to Rybar LLC, described as a media company that receives resources from the Russian state. The UK contends Rybar LLC spreads false narratives about Ukraine and has interfered in European elections, naming Moldova and Armenia as examples.

The announcement notes that the UK has now sanctioned more than 3,400 targets linked to Russia’s war effort. Officials framed the coordinated UK-EU action as a direct response to cyber operations, disinformation campaigns and election interference tied to Russian state-linked networks.

Risks

  • Cyber operations capable of disrupting critical infrastructure - energy sector exposure due to the attributed attempted attack on Poland’s grid that could have affected up to 500,000 people.
  • Ongoing cyber espionage and credential theft - businesses and public sector systems may face heightened risk from tools like Lumma Stealer; cybersecurity firms and enterprise IT budgets could be impacted.
  • Disinformation and election interference - media and political processes across Europe, including Moldova and Armenia, remain vulnerable to state-backed narratives, affecting political risk assessments and communications sectors.

More from Politics

Justice Department Subpoenas New York Times Reporters Over Air Force One Coverage, Paper Says Jul 13, 2026 Graham's Death and McConnell's Absence Shadow Senate Return as Lawmakers Face Condensed Summer Agenda Jul 13, 2026 Justice Department Subpoenas New York Times Reporters Over Air Force One Coverage Jul 11, 2026 White House Explored Emergency Route to Override Election Agency Before Forcing Its Leadership Out Jul 10, 2026 Trump Administration Finalizes Rule Narrowing Habitat Protections Under Endangered Species Act Jul 10, 2026