Council Implementing Regulation (EU) 2025/886 amends Annex I to Regulation (EU) 2019/796, which concerns restrictive measures against cyber-attacks threatening the Union or its Member States. The regulation updates the reasons for including six individuals already listed, who are connected to cyber-attacks and are considered a threat to the EU or its member states. This regulation serves to reinforce the EU’s stance against cyber threats by updating and maintaining the accuracy of its sanctions list.
The structure of the regulation is straightforward. It contains two articles and an annex. Article 1 states that Annex I to Regulation (EU) 2019/796 is amended as per the attached annex. Article 2 specifies that the regulation will come into effect the day after its publication in the Official Journal of the European Union and confirms its binding and directly applicable nature in all Member States. The annex provides the updated entries for natural persons listed under the original regulation, specifically entries 3 to 8. These entries include names, identifying information, reasons for listing, and the date of listing.
The most important provision of this regulation lies in the updated reasons for listing individuals. These updates provide more detailed information regarding the individuals’ involvement in specific cyber-attacks, such as the attempted attack against the Organisation for the Prohibition of Chemical Weapons (OPCW) and attacks against the German federal parliament. The updated information also includes the individuals’ affiliations with the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU) and their roles within this organization. For example, Evgenii Serebriakov is now identified as leading the “Sandworm” hacking group, which has carried out cyber-attacks on Ukraine. These detailed updates are crucial for ensuring that the restrictive measures are targeted and justified, and for providing transparency regarding the reasons for the sanctions. ****
