France will also summon the Russian ambassador over the hacking campaigns, French Foreign Minister Jean-Noël Barrot told broadcaster BFMTV on Monday morning.
The latest listing refers to the EU’s cyber sanctions regime, first used in 2020 against Russian officers of the military intelligence service GRU that conducted attacks including a global outbreak of NotPetya malware and a hack of the German Bundestag. Brussels has expanded the list of sanctioned hackers to include more GRU officers over attacks on Estonia. It has also sanctioned people involved in Russia’s hybrid aggression, like sabotage and disinformation.
According to the French government, Turla compromized unclassified email systems at the Defense Ministry in 2017, breached the French embassy in Moscow the following year and stole industrial secrets from a high-tech company in 2025. French officials also accuse the group of hijacking third-party infrastructure — including offensive cyber capabilities linked to Iran — to conceal the origin of its operations.
“These operations target military personnel, companies, and operators and are intended either to intercept communications or to sabotage operations … for example, railway infrastructure, as was the case in Poland,” Barrot said.
The FSB unit was also behind a sabotage operation targeting critical infrastructure in Poland, including against combined heating and power plants, the EU said.
Monday’s sanctions include travel bans and asset freezes for listed individuals and entities. They also affect Russian technology companies supporting the intelligence services, including Advanced System Technology (AST) and NPP Gamma, which will now be barred from doing business in the EU. AST had previously been sanctioned by the United States in 2021.
The United Kingdom on Monday also announced a series of sanctions against 24 individuals and entities linked to Russian intelligence services.