Russian GRU Hackers Face EU Sanctions After Massive Estonian Government Data Heist

Russian GRU Hackers Face EU Sanctions After Massive Estonian Government Data Heist

Russian Military Hackers Face EU Sanctions Over Estonian Cyberattacks

The European Union has imposed sanctions on three Russian military intelligence (GRU) officers from Unit 29155 for orchestrating significant cyberattacks against Estonian government institutions in 2020. The sanctioned individuals – Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov – successfully breached multiple Estonian ministries, including Economic Affairs and Communications, Social Affairs, and Foreign Affairs.

The cyber operation resulted in the theft of thousands of classified documents containing sensitive information, business secrets, and health records, compromising institutional security. Unit 29155, also known as Cadet Blizzard and Ember Bear, has been linked to various destabilization activities across Europe, including assassinations, bombings, and cyberattacks targeting NATO members and other nations worldwide.

Since Russia’s invasion of Ukraine, the group has shifted focus to disrupting organizations providing aid to Ukraine, deploying backdoors, information stealers, and fake ransomware through phishing campaigns. The United States and allied nations have identified the group’s involvement in attacks on global critical infrastructure, leading the U.S. State Department to offer a $10 million reward for information on five specific GRU officers associated with Unit 29155.

The EU previously sanctioned Unit 29155 in December for its broader pattern of malicious cyber activities affecting EU member states and partners, particularly Ukraine, demonstrating an escalating response to Russian cyber aggression.

Share This Article