EU updates cyber-sanctions reasons for 4 persons and 1 entity
→EU sanctions data teams must update cyber-list rationale records
Change
The EU updated the listing reasons for 4 persons and 1 entity already subject to cyber sanctions under Regulation (EU) 2019/796, covering APT10, Operation Cloud Hopper, Wizard Spider, Conti and Trickbot-linked activity.
Why it matters
The regulation does not add new cyber-sanctions targets. It changes the official reasons and identifying context for existing listed persons and one entity. Sanctions list-management teams must align screening metadata, aliases, threat-group references and rationale records with the amended Annex I entries.
Implications
- → EU sanctions data and list-management teams must update the Annex I records for the 4 persons and 1 entity — outdated rationale or alias data weakens screening and audit evidence.
- → Financial institutions and regulated firms applying EU cyber sanctions must align internal sanctions-reference data with the amended reasons — the listed targets remain subject to restrictive measures under the updated Annex entries.
- → Cyber-risk and sanctions advisory teams must reflect the updated APT10, Operation Cloud Hopper, Wizard Spider, Conti and Trickbot references in escalation notes — old rationale text no longer matches the current EU legal record.
Full decision brief
Unlock the decision layer.
Get the implications, affected teams, what to watch, and Clarify with AI — so the change becomes easier to act on.
Implications — what this change may force you to review
Who is affected — which people, workflows, or obligations are touched
What to watch — dates, deadlines, and triggers that matter next
Real-time alerts — delivered when a decision-forcing change is published
Clarify with AI — ask what this change means for you
Source
View on EUR-Lex