In the Council’s effort to deter cyber-attacks constituting an external threat to the EU or Member States, the EU can now impose targeted restrictive measures which include asset freezes on both persons and entities and a ban on people travelling to the EU.
Such restricted measures are considered necessary in light of the Common Foreign and Security Policy (CFSP) objectives and are applicable to cyber-attacks that are determined to have a significant impact,
Cyber-attacks falling within the scope of this new sanctions regime are those which have significant impact, including those which:
- “originate or are carried out from outside the EU or
- use infrastructure outside the EU or
- are carried out by persons or entities established or operating outside the EU or
- are carried out with the support of person or entities operating outside the EU.”
For more information, please see the Council of the EU Press Release here.