Russia's Cyber Campaign Against Europe: The First Joint UK-EU Cyber Sanctions
The EU said countries including France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania and Finland had been targeted in a cyber campaign stretching back years.
The European Union and the UK have announced coordinated sanctions against Russia after accusing Kremlin's FSB intelligence agency of carrying out a cyber attack in December targeting Poland's energy grid and orchestrating a wider campaign of digital sabotage across Europe.
The sanctions focus on individuals and organisations linked to Russia's security services.
While the EU list includes nine people and four entities, Britain has added 24 names to its own sanctions list.
"We’re sanctioning Russia at speed and scale", Kaja Kallas, the EU High Representative for Foreign Affairs and Security Policy, posted on X.
She said that this is the biggest round of individual designations since Moscow’s 2022 full-scale invasion, and also includes the EU’s largest-ever cyber sanctions package.
"The financial backbone of Russia’s war machine is the main target. Every measure weakens Moscow’s ability to wage war."
Who Is On the EU List?
Elena Bagudina, General Director of Communication Platform LLC, most known as a subsidiary of VK (previously known as VKontakte) and the developer and manager of state-supported mobile phone application Max, was among those sanctioned.
The development of the Max application was supervised by the Federal Security Service (FSB). This application must be pre-installed on all mobile phones and tablets sold in Russia.
Citing experts, Brussels argues that Max App has "extensive surveillance features" that Russian authorities use to track online communications, gather data, monitor address books, identify user location and install autonomous updates.
VK
VK is one of the main technological companies in Russia. It provides email and chat services and runs applications and the social media website VKontakte.
VK as a company, “has cooperated with Russian authorities in their repressive actions, including by providing them with data concerning users of its services who posted content criticising Russia's war of aggression against Ukraine, or other content banned by the authorities," the legal text says.
"VK has also participated in the government-ordered ban on the use of VPNs, through which Russian internet users could previously access independent content."
Monday's decision introduces an asset freeze and prohibits EU companies from making funds available to VK Company.
In a statement to Russian state-owned media outlet TASS, the firm said that its applications and services remained "available to users as normal".
Separately, the EU sanctioned nine individuals and four entities accused of carrying out "malicious" cyber attacks against several member states.
Centre 16
In addition, the UK together with EU member states is today attributing the attack on Poland’s energy grid to Russia’s FSB Centre 16. This reckless attack failed but could have caused 500,000 citizens to lose electricity in the depths of winter,- the Foreing Office in London said.
On December 29-30, Poland faced one of the most serious operations against critical infrastructure. This coordinated cyberattack against the Polish power grid targeted wind and solar farms, combined heat and power plants, as well as industrial systems such as IT and operational technology.
It did not trigger a nationwide blackout, but critical control systems were disrupted, some industrial equipment was damaged beyond repair, and communication between energy assets and operators was degraded.
The attempted attack on Poland's critical infrastructure has been attributed to the FSB's Centre 16 intelligence unit. That Centre has previously been accused by Western intelligence agencies of using malware over several decades to conduct espionage operations around the world.
A claim that has been consistently denied by Moscow.
The Russian state and its criminal networks responsible for orchestrating cyber-attacks, interfering in elections and spreading malicious anti-Ukraine narratives across Europe have today been sanctioned by the UK.
Lumma Stealer And False Media
Lumma Stealer (also known as LummaC2) is "made in Russia" a potent info-stealer. It targets sensitive data like web credentials, cryptocurrency wallets, and browser cookies.
According to the National Crime Agency, within the last six months, there have been at least 2,100 Lumma Stealer victims in the UK.
Despite a massive, coordinated international takedown by Microsoft, Europol, and the US Department of Justice in May 2025—which seized over 2,300 malicious domains—the operators behind Lumma quickly rebuilt their infrastructure and resumed campaigns.
Sanctions target 10 individuals behind Rybar LLC including directors, senior management, and content designers. The media company is resourced by the Russian state and is responsible for spreading false narratives about Ukraine and interfering in European elections, including in Moldova and Armenia.
The Foreign Office said Russia's intelligence agencies had increasingly turned to cybercriminals to support the Kremlin's military and foreign policy objectives as the war in Ukraine continued.
New sanctions target the Russian state’s persistent and increasingly reckless attempts to sow chaos and division across Europe.
Sources: Europian Commission, Forein Office, Euronews, Sky News