Beijing condemned Tuesday, March 17, 2026, new sanctions imposed by the European Union on two Chinese technology companies over alleged cyberattacks, characterizing the decision as “unlawful” and calling on Brussels to “correct its mistaken practices.” The European Council announced Monday the imposition of sanctions on “Integrity Technology Group” and “Anxun Information Technology” for allegedly assisting in hacking “critical infrastructure” and tens of thousands of devices throughout the European Union.
The sanctions prohibit European citizens and companies from providing funds to the two firms while barring their Chinese founders from “entering or transiting EU member states,” according to the European Council statement. This escalation reflects growing European concern about cyberattacks originating from state-sponsored Chinese entities and represents part of a broader EU strategy to enhance cybersecurity protections.
Details of European Sanctions
The sanctions framework established by the European Council targets both corporate entities and individuals directly responsible for cyberattacking operations. The measures represent a significant escalation in EU enforcement against non-state actors suspected of conducting cyber operations on behalf of foreign governments.
The United Kingdom also imposed sanctions on the two companies headquartered in China in December for conducting “reckless and indiscriminate cyberattacks.” This coordinated British-EU response reflects coordinated Western efforts to deter cyberattack operations through multilateral sanctions pressure.
Allegations Against Chinese Companies
European authorities accused the two firms of assisting in breaching critical infrastructure across EU member states. This critical infrastructure encompasses government systems, military networks, and other essential services vital to EU member economies and security. Brussels considered these cyberattacks to represent direct threats to member state security and EU citizen welfare.
Chinese Response to Sanctions
Chinese Foreign Ministry spokesperson Lin Jian informed reporters that “China strongly opposes the European Union’s unlawful and unilateral sanctions against Chinese entities and urges the EU to correct its mistaken practices.” This response reflects Beijing’s position that EU sanctions violate international law and represent unilateral actions imposed without international consensus.
Beijing’s Call for Cooperation
Beijing urged Brussels to cooperate “in a responsible and constructive manner to protect peace, stability, and prosperity in cyberspace.” This appeal attempts to shift discussion from specific sanctions to broader dialogue on international cybersecurity cooperation, a diplomatic tactic suggesting Chinese desire to reframe the narrative away from specific accusations.
EU Expands Sanctions Against Iran
EU foreign policy chief Kaja Kallas announced Wednesday that member states approved expanding EU sanctions to include 19 new Iranian officials and entities. This expansion came as part of broader EU strategy to hold Iranian actors accountable for various activities affecting European interests and security.
European Priorities in Sanctions Framework
Kallas emphasized that protecting EU interests remains paramount amid continued tensions with Tehran. This statement reflects the EU’s shift toward a more assertive posture toward Iranian state actors. The expansion demonstrates EU determination to employ sanctions as a tool for deterring unwanted state behavior across multiple domains.
Historical Context of EU Cyber Sanctions
These sanctions represent neither the EU’s first nor most aggressive action against cyberattack actors. In 2020, former EU foreign policy chief Josep Borrell explained that the Council adopted restrictive measures against six individuals and three entities that had implemented or participated in planning destructive cyberattacks.
Previous Sanctions Targets
Earlier EU sanctions directly targeted Russian military intelligence apparatus, alongside a Chinese company and a North Korean firm linked to international hacker groups, plus four Russian citizens and two Chinese nationals. The EU issued explicit accusations against Russian military intelligence for conducting cyberattacks in June 2017 that caused substantial financial losses to European companies.
Prominent Cyberattack Cases
Earlier EU sanctions also targeted North Korean firm “Chosun Expo,” accused of providing logistical support to the “Lazarus Group,” responsible for the world’s largest cyberheist. This operation involved stealing 81 million dollars from Bangladesh Bank’s account at the Federal Reserve Bank in New York in 2016.
The EU imposed sanctions against Chinese firm “Haitai Technology Development” for involvement in “Operation Cloud Hopper,” targeting theft of confidential commercial data from global companies. This demonstrates the EU’s determination to pursue those attempting to compromise economic data or digital sovereignty of nations.
Broader EU Cybersecurity Strategy
The sanctions represent part of a wider EU strategy to protect information infrastructure and economic systems. Amid escalating cyberattacks from hostile states, the European Union has assumed an increasingly assertive posture toward these threats.
Future Challenges
Europe faces mounting challenges from increasingly sophisticated cyberattacks. As attack and defense technologies evolve, European nations may require increased cybersecurity investments and international cooperation to address these threats effectively.
Escalating China-EU Tensions
These sanctions reflect deepening tensions in China-EU relations regarding cybersecurity, intellectual property, and digital sovereignty issues. China perceives European sanctions as part of Western efforts to constrain its technological advancement, while the EU views Chinese cyberattacks as threats to its digital infrastructure and economic competitiveness.
Dispute Over Allegations
China formally denies Chinese company involvement in cyberattacks, arguing accusations lack conclusive evidence and represent Western bias. However, European and American security reports indicate sufficient evidence of these company involvement in hacking operations targeting Western infrastructure and commercial entities.
Broader Context of Cyber Warfare
The sanctions dispute occurs within context of escalating state-sponsored cyberattacks globally. Major powers increasingly employ cyberattack operations as instruments of statecraft, targeting infrastructure, intellectual property, and governmental systems. This represents fundamental shift in how nations conduct competition and conflict in the digital domain.
International Law and Cyber Sovereignty
Fundamental disagreement exists between Western powers and China regarding international legal frameworks governing cyberattacks and state responsibility for cyber operations. China argues that Western nations lack authority to unilaterally impose sanctions without international legal consensus, while the EU contends that defending critical infrastructure justifies enforcement action.
Conclusion:
The sanctions dispute between China and the European Union reflects deepening tensions over cybersecurity, digital sovereignty, and international legal authority in the cyber domain. While the EU insists on imposing strict penalties against implicated companies, China protests and characterizes these measures as unlawful and unilateral. With cyberattacks continuing and disagreements persisting over responsibility attribution, tension between the sides appears destined for continued escalation in coming years. The absence of agreed international frameworks governing state-sponsored cyberattacks ensures that disputes like these will remain sources of significant geopolitical friction.
