European Union Imposes Sanctions on Chinese and Iranian Companies for Cyberattacks
The European Union has taken decisive action by imposing sanctions against two China-based technology companies and one Iranian firm for their involvement in malicious cyberattacks targeting EU member states. This move underscores the EU's commitment to safeguarding its digital infrastructure and responding robustly to persistent cyber threats.
Targeted Companies and Individuals
The Council of the EU announced restrictive measures on March 16, 2025, listing three entities and two individuals responsible for cyber-attacks against EU member states and partners. The sanctioned companies include:
- Integrity Technology Group, a China-based company that has routinely provided products used to compromise and access devices across EU member states, Europe, and worldwide. Between 2022 and 2023, through their technical and material support, more than 65,000 devices were hacked across six EU countries.
- Anxun Information Technology, also known as i-Soon, another China-based company that has offered hacking services aimed at the critical infrastructure and functions of member states and third countries.
- Emennet Pasargad, an Iranian company that unlawfully accessed a French subscriber database and advertised its contents for sale on the dark web. Additionally, they compromised advertising billboards to spread disinformation during the 2024 Paris Olympic Games and hacked a Swedish SMS service, impacting numerous EU citizens.
The EU has also banned the co-founders of the Chinese companies, Chen Cheng and Wu Haibo, from entering Europe, citing their responsibility and involvement in cyber-attacks affecting EU member states.
Details of the Cyberattacks
According to reports, Integrity Technology Group facilitated the activities of a Chinese state hacking group dubbed Flax Typhoon, which security officials say has targeted organizations in Taiwan for espionage purposes. Flax Typhoon reportedly used Integrity's products and technology to infiltrate devices in the EU, leading to the massive breach of over 65,000 devices. The U.S. Treasury Department had previously sanctioned Integrity in January 2025, highlighting the global concern over its activities.
Anxun Information Technology's hacking services have been directed at critical infrastructure, posing significant risks to national security and stability in the region. Meanwhile, Emennet Pasargad's actions, including the compromise of advertising billboards during the Paris Olympics, demonstrate a broader strategy of cyber disinformation and data theft aimed at undermining public trust and security.
Sanctions and EU Response
The listed entities and individuals are now subject to an asset freeze, prohibiting EU citizens and companies from making funds, financial assets, or economic resources available to them. Natural persons also face a travel ban, preventing them from entering or transiting through EU territories. With today's listings, the EU horizontal cyber sanctions regime now applies to 19 individuals and 7 entities, marking a significant escalation in the bloc's cybersecurity enforcement.
The Council emphasized that this decision confirms the EU's and its member states' willingness to provide a strong and sustained response to persistent malicious cyber activities. The EU and its member states will continue to cooperate with international partners to promote an open, free, stable, and secure cyberspace, reinforcing a collective stance against cyber threats.
Broader Implications
This sanctioning move comes amid rising global tensions, including conflicts such as the Israel-Iran war and Gulf-Iran tensions, where cyber warfare has become an increasingly prevalent tool. The EU's action signals a proactive approach to deterring cyber aggression and protecting its digital sovereignty, setting a precedent for future responses to similar threats worldwide.
As cyberattacks continue to evolve, the EU's sanctions serve as a reminder of the importance of international cooperation and robust cybersecurity measures to defend against state-sponsored and criminal hacking activities targeting critical infrastructure and public institutions.
