EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack

It's just the second time the EU has used its cyber sanctions powers.

The European Union on Thursday sanctioned the head of a Russian military intelligence unit, an alleged hacker wanted by the FBI and a Russian government-linked hacking group over a 2015 cyberattack against Germany’s parliament.

It’s only the second time the EU has issued cyber-related sanctions, following July sanctions against Russia, China and North Korea in connection with a string of unrelated cyberattacks. Now, as then, the General Staff Main Intelligence Directorate, commonly known as the GRU, is among the targets of the EU’s ire.

Igor Kostyukov, head of the GRU, was hit with sanctions in Thursday’s action over the Bundestag hack. So, too, was alleged intelligence officer Dmitry Badin, previously indicted in the U.S. for his role in 2016 election interference. The EU also sanctioned the GRU-connected hacking group known as Fancy Bear, among other names, which the U.S. has likewise connected to 2016 election meddling.

“The cyber-attack against the German federal parliament targeted the parliament’s information system and affected its operation for several days,” the sanctions listing reads. “A significant amount of data was stolen and email accounts of several MPs as well as of Chancellor Angela Merkel were affected.”


The sanctions include travel bans and asset freezes. Russia has contended that Germany has presented no evidence of its involvement.

While the sanctions apply across the pond, they stand to bolster the U.S. position, too. Germany charged Badin in the Bundestag hack, something a top Justice Department official praised in an interview Wednesday for CyberTalks, the annual summit produced by CyberScoop.

It’s part of a broader trend toward international allies’ attribution of attacks that is “very helpful” and something the U.S. has made an important objective, said John Demers, the assistant attorney general for national security.

“One of the big things we’re trying to do with our charges and our calling it out is establish norms of acceptable behavior by countries in cyberspace,” Demers said. “If it’s just us, it’s easy for the Chinese government or the Russian government or the Iranians to just say, ’Oh, no, this is just the U.S. being mad at us over whatever other issue, and they’re just using this as a political tool.’”

Sean Lyngaas contributed reporting.

Latest Podcasts