Cyber-attacks: Council is now able to impose sanctions
On 17 May 2019, the Council established a framework which allows the EU to impose targeted restrictive measures to deter and respond to cyber-attacks which constitute an external threat to the EU or its member states, including cyber-attacks against third States or international organisations where restricted measures are considered necessary to achieve the objectives of the Common Foreign and Security Policy (CFSP).
Cyber-attacks falling within the scope of this new sanctions regime are those which have significant impact and which:
- originate or are carried out from outside the EU or
- use infrastructure outside the EU or
- are carried out by persons or entities established or operating outside the EU or
- are carried out with the support of person or entities operating outside the EU.
Attempted cyber-attacks with a potentially significant effect are also covered by this sanctions regime.
More specifically, this framework allows the EU for the first time to impose sanctions on persons or entities that are responsible for cyber-attacks or attempted cyber-attacks, who provide financial, technical or material support for such attacks or who are involved in other ways. Sanctions may also be imposed on persons or entities associated with them.
Restrictive measures include a ban on persons travelling to the EU, and an asset freeze on persons and entities. In addition, EU persons and entities are forbidden from making funds available to those listed.
The EU recognises that cyberspace offers significant opportunities, but also presents continuously evolving challenges. It is concerned at the rise of malicious behaviour in cyberspace that aims at undermining the EU's integrity, security and economic competitiveness, with the eventual risk of conflict.
On 19 June 2017 the Council adopted a framework, the cyber diplomacy toolbox, which helps improve cooperation, prevent conflict, mitigate potential cyber threats as well as deter and influence the behaviour of potential aggressors. This was in response to growing concern at the increased ability and willingness of state and non-state actors to undertake malicious cyber activities.
On 16 April 2018, the Council adopted conclusions on malicious cyber activities which underlined the importance of a global, open, free, stable and secure cyberspace, and expressed concern about the activity of malicious actors.
On 28 June 2018 and 18 October 2018 the European Council called for work on the capacity to respond to and deter cyber-attacks to be taken forward.
On 12 April 2019, the High Representative issued a declaration on behalf of the EU stressing the need to respect the rules-based order in cyberspace, urging actors to stop undertaking malicious cyber activities including the theft of intellectual property, and calling on all partners to strengthen international cooperation to promote security and stability in cyberspace.
The EU remains committed to keeping cyberspace open, stable and secure and reiterates its attachment to the settlement of international disputes in cyberspace by peaceful means. In this context, all of the EU's diplomatic efforts should aim as a matter of priority to promote security and stability in cyberspace through increased international cooperation, and reduce the risk of misperception, escalation and conflict that may stem from Information and Communications Technologies (ICT) incidents.
The EU and its member states are getting ready to be more resistant and to respond to cyber-attacks.
- Declaration by the High Representative on behalf of the EU on respect for the rules-based order in cyberspace, 12 April 2019
- European Council conclusions, 18 October 2018
- Response to malicious cyber activities: Council adopts conclusions, 16 April 2018
- Cyber-attacks: EU ready to respond with a range of measures, including sanctions, 19 June 2017
+32 2 281 53 16
+32 470 18 24 05
Latest News from
Innovative workplace risk assessment tool OiRA goes global25/06/2019 15:25:00
The European Agency for Safety and Health at Work (EU-OSHA) welcomes the implementation of its Online interactive Risk Assessment (OiRA) project at multinational car manufacturer Daimler. The company’s German Health and Safety department has developed and adapted a workplace risk assessment tool on the basis of OiRA for company specific use.
ESMA consults on short-termism in financial markets25/06/2019 13:10:00
The European Securities and Markets Authority (ESMA) has published a questionnaire which aims to gather evidence on potential short-term pressures on corporations stemming from the financial sector.
Dual Food Quality: EC releases study assessing differences in the composition of EU food products25/06/2019 12:33:00
The EC has published the results of a pan-European testing campaign of food products showing that some products are identically or similarly branded while having a different composition.
Average CO2 emissions from new cars and new vans increased in 201825/06/2019 11:25:00
According to provisional data published by the European Environment Agency, the average CO2 emissions from new passenger cars registered in the EU in 2018 increased for the second consecutive year, reaching 120.4 grammes of CO2 per kilometre.
Eurojust crackdown on counterfeit olive oil trade24/06/2019 12:20:00
With the active support of Eurojust, the Italian Public Prosecution Office (PPO) of Foggia, in close cooperation with the German national authorities, dismantled an organised crime group trading adulterated olive oil in Germany and Italy, leading to the arrest of 24 persons.
European Council conclusions 20 June 201921/06/2019 16:37:00
The European Council welcomed the work done under the Romanian Presidency and took note of the various elements of the MFF package. It called on Finland's Presidency to pursue the work and to develop the Negotiating Box.
A new strategic agenda 2019-202421/06/2019 15:25:00
Over the next five years, the EU can and will strengthen its role in a changing environment. Together, we will be determined and focused, building on our values and the strengths of our model.
Setting up of judicial counter-terrorism register at Eurojust21/06/2019 13:25:00
Eurojust’s proposal to the EU Member States on the implementation & functioning of the European judicial counter-terrorism register on the basis of Council Decision 2005/671/JHA was presented to the national correspondents for terrorism at the annual Eurojust meeting on counter-terrorism.
Member States agree to EC proposal to support Irish beef producers impacted by market uncertainty21/06/2019 12:37:00
EU Member States have agreed to a proposal from the EC to make €50m available to Irish beef farmers, which can be matched by national funds to reach a maximum of €100m.
Illegal annexation of Crimea and Sevastopol: EU extends sanctions by one year21/06/2019 10:43:00
On 20 June 2019, the Council prolonged the restrictive measures introduced in response to the illegal annexation of Crimea and Sevastopol by Russia until 23 June 2020. The measures apply to EU persons and EU based companies. They are limited to the territory of Crimea and Sevastopol.