On May 17th 2019 the EU Council approved a new framework allowing the institution to produce and enforce targeted sanctions in order to respond and deter cyber – attacks.
As per the approved regime the measures the EU Council may impose restricting targeted measures as a response to external threats, to the EU or to a Member State.
Such regime excludes the internal threats, and its scope was defined as applicator to cyber-attacks which:
- originate or are carried out from outside the EU or
- use infrastructure outside the EU or
- are carried out by persons or entities established or operating outside the EU or
- are carried out with the support of person or entities operating outside the EU.