The Council of the European Union has imposed sanctions on three companies and two individuals from China and Iran for their roles in orchestrating cyberattacks against critical infrastructure and digital devices. These measures target entities responsible for large-scale hacking operations, data theft, and influence campaigns that have compromised the security of several member states.

The Chinese firm Integrity Technology Group was sanctioned for providing the technical support necessary to compromise over 65,000 devices across six EU nations between 2022 and 2023. Additionally, the Council targeted Anxun Information Technology and its two co-founders for delivering hacking services that specifically focused on the critical infrastructure and essential functions of various countries.

On the Iranian side, the company Emennet Pasargad was added to the sanctions list following its involvement in multiple malicious activities. The firm has been linked to the compromise of a Swedish SMS service and various influence operations intended to destabilize public discourse within the European Union.

Recent reports have also connected Emennet Pasargad to interference during the 2024 Paris Olympics. The company was involved in hijacking digital advertising billboards to broadcast misinformation, demonstrating a shift toward public-facing psychological operations alongside traditional hacking methods.

Further investigation by Microsoft revealed that the group operated under the alias Holy Souls on hacker forums. Under this moniker, the actors attempted to sell the personal data of 230,000 Charlie Hebdo subscribers in early 2023, demanding a payment of 20 bitcoins after leaking a sample of the stolen names and addresses to prove the breach.

Source: Europe Sanctions Chinese and Iranian Firms Over Cyberattack Allegations