Europe confronts Russia's cyber warfare with its largest sanctions package

The Twenty-Seven and the United Kingdom are coordinating a response against the network of spies, cybercriminals, and companies used by the Putin regime to destabilize the continent

of july 13, 2026 at 20:18h
EuropaPress 1582031 presidente ruso vladimir putin recibe diecisiete nuevos embajadores
EuropaPress 1582031 presidente ruso vladimir putin recibe diecisiete nuevos embajadores

The European Union has openly accused Russian intelligence services of directing a broad campaign of cyber espionage and sabotage against governments, businesses, and critical infrastructure on the continent. Brussels has focused on the FSB, heir to the KGB, and has responded with sanctions against nine individuals and four entities linked to the digital network used by Moscow to destabilize its neighbors.

The offensive attributed to Russia has been active since at least 2010 and has reached France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania, and Finland. Targets have included government networks, defense-related research centers, power plants, and heating systems.

The move has been coordinated with the United Kingdom and supported by NATO. France, Germany, and Finland have also summoned Russian diplomatic representatives to demand explanations, an unusual joint response that reflects the growing concern about the use of cyberspace as an extension of the Kremlin's military and political pressure.

FSB's Center 16, at the heart of the accusation

The EU identifies Center 16 of the Russian Federal Security Service, also known as military unit 71330, as the main piece. Brussels maintains that this division controls various groups specialized in cyber threats, including Turla, a network that has been infiltrating public bodies and strategic systems for years.

The services linked to this unit would have developed increasingly serious operations, combining the secret acquisition of information with attacks capable of disrupting essential services. In France, the group acted against government agencies since 2010 and managed to extract data from a research center linked to the defense industry in 2025. Germany also detected intrusions into its institutions, while Poland attributes sabotage actions against energy and heating production facilities to the same network.

The model described by Brussels goes beyond operations executed directly by Russian officials. The FSB and military intelligence would have used a broader network composed of cybercriminals, self-proclaimed hacktivist groups, and private companies that provided technology, infrastructure, or cover for the attacks.

That mix allows the Kremlin to maintain a certain distance from the operations and makes immediate attribution difficult. The EU considers it proven, however, that some of these actors work under instructions, control, or coordination of the Russian authorities.

Sanctions against spies, hackers, and companies

The new European measures affect GRU officers, the Russian military intelligence service, along with hackers and private companies accused of facilitating activities against the Twenty-Seven, Ukraine, and other international partners. The sanctions involve asset freezes and a ban on entry into EU territory.

The United Kingdom has simultaneously acted against members of the same network and against those responsible for Lumma Stealer, a malicious program used to steal passwords and data stored on infected devices. London maintains that Russia has used credentials obtained through this tool to carry out espionage operations in different countries. The British National Crime Agency has detected at least 2,100 victims of this software over the past six months.

The British package also includes individuals linked to Rybar, a company accused of spreading disinformation about Ukraine and participating in political interference campaigns in Moldova and Armenia. The response seeks to reach both those who technically execute the attacks and the structures that turn information theft and digital propaganda into foreign policy instruments.

NATO warns it can respond

NATO has backed the attribution made by the EU and the United Kingdom and has condemned Russia's "persistent" cyber activities. The Alliance considers that these operations directly threaten the security of its members and has called on Moscow to abandon practices contrary to international norms of behavior in cyberspace.

The statement also contains a clear warning. The allies declare themselves prepared to use "the full range" of available capabilities to deter, defend against, and respond to new threats, at the time and in the manner they deem appropriate within international law.

Public attribution seeks to reduce Moscow's margin to hide its operations behind seemingly independent groups. France will summon the Russian ambassador, the EU will do the same with Russia's representative in Brussels, and sanctions will remain active while investigations into the detected attacks in the different member states continue.

Add ElConstitucional.es as a preferred Google source for free.

Stay informed about all the latest breaking news with the best information. Against disinformation, for democracy and social rights.

Activate now
About the author
foto jaime
Jaime Barrionuevo

Editor of ElConstitucional.es

View biography
The most read