1961-02-21

http://data.europa.eu/eli/reg_impl/2025/886/oj

Igor Kostyukov is the current Head of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU), where he previously served as First Deputy Head. One of the units under his command is the 85th Main Centre for Special Services (GTsSS), also known as ‘military unit 26165’ (industry nicknames: ‘APT28’, ‘Fancy Bear’, ‘Sofacy Group’, ‘Pawn Storm’ and ‘Strontium’). In this capacity, Igor Kostyukov is responsible for cyber-attacks carried out by the GTsSS, including those with a significant effect constituting an external threat to the Union or its Member States. In particular, military intelligence officers of the GTsSS took part in the cyber-attack against the German federal parliament (Deutscher Bundestag) which took place in April and May 2015 and the attempted cyber-attack aimed at hacking into the Wi-Fi network of the Organisation for the Prohibition of Chemical Weapons (OPCW) in the Netherlands in April 2018. The cyber-attack against the German federal parliament targeted the parliament’s information system and affected its operation for several days. A significant amount of data was stolen and email accounts of several MPs as well as of Chancellor Angela Merkel were affected.

(Date of UN designation: 2020-10-22)

2025-05-12

EU

Restrictive measures against cyber-attacks threatening the Union or its Member States

EU-horizontal

Cyber-attacks

Asset freeze and prohibition to make funds available, Restrictions on admission

- All assets of the listed persons and entities should be frozen. It is also prohibited to make any funds or assets directly or indirectly available to them. - Member States shall enforce travel restrictions on persons listed in the Annex of Council Decision(CFSP) 2019/797.

Through the adoption of the “Cyber Diplomacy Toolbox” on 19 June 2017, the Council stressed the growing need to protect the integrity and security of the EU, its Member States and their citizens against cyber threats and malicious cyber activities. At the European Council on 18 October 2018, Member States called for the introduction of a new EU sanctions regime to build up the EU and its Member States’ capacity to respond to and to deter cyber-attacks. The Council established the new sanctions regime on 17 May 2019, introducing targeted restrictive measures against cyber-attacks threatening the Union or its Member States. The measures consist of asset freeze and travel ban of persons and/or entities responsible for cyber-attacks or attempted cyber-attacks, as well as those involved in or offering financial, technical or material support for these attacks and those who assist, encourage, facilitate or are associated with them.