The UK government has announced sanctions against three Russian military intelligence units, including 18 members involved in their operations. Several other individuals responsible for various cyber attacks and even assassination attempts have also been sanctioned.
According to a policy paper published on July 18, the UK government is sanctioning GRU Units 29155, 26165, and 74455. Additionally, the Africa Initiative and three of its leaders have been sanctioned as well. The announcement also calls out Russian cyber attacks targeting Ukraine before, during, and since the full-scale Russian invasion of Ukraine starting February 24, 2022.
The sanctioned groups also targeted NATO allies, European Union member states, and US organisations. Unit 29155, also known as Cadet Blizzard, Bleeding Bear, Ember Bear, DEV-0586, Forzenvista, and UNC2589, carried out attacks against Ukraine in February 2022, coordinating with Russia’s ground assault.
The group was also involved in targeting TV5 Monde, the German government, the US Democratic Party, French presidential elections, and the 2024 Paris Olympic and Paralympic Games.
Unit 26165 hacked IP cameras in numerous European countries to track and disrupt foreign assistance to Ukraine. In 2025, the group carried out reconnaissance operations on Ukrainian civilian bomb shelters before the Russian bombing of the Mariupol theatre, which resulted in large-scale civilian casualties.
Unit 74455 is also tracked as APT44, Blue Echidna, Electrum, Iridium, Seashell Blizzard, Sandworm, TeleBots, and Voodoo Bear is one of Russia’s most active and popular hacking groups. The unit is linked to multiple espionage, disruption, and disinformation campaigns globally.
Apart from hacking groups, the UK also named Sergey Morgachev, Aleksey Lukashev, Ivan Yermakov, Sergey Vasyuk, and Artem Malyshev for their involvement with the sanctioned hacking groups’ operations. Aleksey Morenets, Yevgeniy Serebriakov, Oleg Sotnikov, and Aleksey Minin were involved in conducting close access operations against organisations controlling the use of chemical weapons.
In the News: Dell confirms test lab platform breach
