18. Mai 2021
The Council today decided to prolong the framework for restrictive measures against cyber-attacks threatening the EU or its member states for another year, until 18 May 2022.
This framework allows the EU to impose targeted restrictive measures on persons or entities involved in cyber-attacks which cause a significant impact, and constitute an external threat to the EU or its member states. Restrictive measures can also be imposed in response to cyber-attacks against third states or international organisations where such measures are considered necessary to achieve the objectives of the Common Foreign and Security Policy (CFSP).
Sanctions currently apply to eight individuals and four entities, and include an asset freeze and a travel ban. Additionally, EU persons and entities are forbidden from making funds available to those listed.
Background
This latest prolongation is part of the EU’s scale up of its resilience and its ability to prevent, discourage, deter and respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.
In June 2017, the EU stepped up its response by establishing a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (the „cyber diplomacy toolbox“). The framework allows the EU and its Member States to use all CFSP measures, including restrictive measures if necessary, to prevent, discourage, deter and respond to malicious cyber activities targeting the integrity and security of the EU and its member states.
The EU remains committed to a global, open, stable, peaceful and secure cyberspace and therefore reiterates the need to strengthen international cooperation in order to promote the rules-based order in this area.
- Malicious cyber-attacks: EU sanctions two individuals and one body over 2015 Bundestag hack, press release 22 October 2020
- Council extends cyber sanctions regime until 18 May 2021, press release 14 May 2020
- Council decision concerning restrictive measures against cyber-attacks threatening the Union or its Member States, consolidated text
Fachartikel
Koregulierung im DSA: Ein flexibles Instrument für systemische Risikominderung
Der Wettbewerbsvorteil dezentraler Identität im europäischen Finanzwesen
Wo sind Deine Daten hin?
Autonome APTs: Die Claude-basierte Operation wird nicht die letzte sein
Stand der Technik umsetzen: Wie Unternehmen jetzt handeln sollten
Studien
49 Prozent der IT-Verantwortlichen in Sicherheitsirrtum
Deutschland im Glasfaserausbau international abgehängt
NIS2 kommt – Proliance-Studie zeigt die Lage im Mittelstand
BSI-Lagebericht 2025: Fortschritte in der Cybersicherheit – Deutschland bleibt verwundbar
Forrester veröffentlicht Technologie- und Sicherheitsprognosen für 2026
Whitepaper
Digitale Transformation erhöht das Cyberrisiko im Finanzsektor
Industrial AI: KI als Treiber der Wettbewerbsfähigkeit
Vorbereitung auf künftige Cyberbedrohungen: Google veröffentlicht „Cybersecurity Forecast 2026“
Aktuelle Studie zeigt: Jeder Vierte in Deutschland bereits Opfer von digitalem Betrug
Cybersecurity in Deutschland: 200 Milliarden Euro Schaden trotz steigender IT-Ausgaben
Hamsterrad-Rebell
Sicherer Remote-Zugriff (SRA) für Operational Technology (OT) und industrielle Steuerungs- und Produktionssysteme (ICS)
Identity und Access Management (IAM) im Zeitalter der KI-Agenten: Sichere Integration von KI in Unternehmenssysteme
Infoblox zeigt praxisnahe IT-Security-Strategien auf it-sa 2025 und exklusivem Führungskräfte-Event in Frankfurt
IT-Security Konferenz in Nürnberg: qSkills Security Summit 2025 setzt auf Handeln statt Zögern
