THE European Council has imposed sanctions on three ostensibly private firms—two in China and one in Iran—for aiding and carrying out cyberattacks in European countries, with the measures now prohibiting entry or doing business in the EU and freezing any EU-based assets. One Chinese company, Integrity Technology Group, is described as a mid-size publicly traded corporation, linked to 65,000 compromised devices across six EU countries between 2022 and 2023.
The most notorious target, Anxun Information Technology, known to the West as iSoon, is a hack-for-hire operation that has worked for China’s government and military, with its two founders also sanctioned as individuals. The Iranian firm, transliterated as Emennet Pasargad, is sanctioned for hacking a Swedish SMS service, a data leak attack against a French organisation, and spreading disinformation via billboards during the 2024 Paris Olympic Games.
All three entities have previously been sanctioned by the US and UK, and the EU sanctions expand the restrictions to curb their operations and travel within Europe.