top of page
  • Writer's pictureThe Legal Opinions

Cyber-attacks: European Council Extends Sanctions until 2025

Updated: Dec 14, 2022

The European Council today decided to prolong the framework for restrictive measures against cyber-attacks threatening the EU and its member states for a further three years, until 18 May 2025.

This legal framework allows the EU to impose targeted restrictive measures on persons or entities involved in cyber-attacks which cause a significant impact, and constitute an external threat to the EU or its member states.

Sanctions currently apply to eight individuals and four entities, and include an asset freeze and a travel ban. Additionally, EU persons and entities are forbidden from making funds available to those listed. These individual listings will continue to be reviewed every 12 months.

In June 2017, the EU established a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (the "cyber diplomacy toolbox"). The framework allows the EU and its member states to use all CFSP measures, including restrictive measures if necessary, to prevent, discourage, deter and respond to malicious cyber activities targeting the integrity and security of the EU and its member states.

The decision to prolong the restrictive measures for three years shows the strong EU's commitment to enhance its resilience and ability to prevent, discourage, deter and respond to cyber threats and malicious cyber activities in order to safeguard European security and interests.


Please do not hesitate to contact us if you require any legal assistance.


Recent Posts

See All


bottom of page