The Council of the European Union announced on Friday that it is extending individual restrictive measures against people and entities involved in Russia’s hybrid activities for another year, until 9 October 2026. 

The decision comes amid continued concerns over Russia’s foreign information manipulation and interference operations targeting the EU, its member states, and partners.

The sanctions currently apply to 47 individuals and 15 entities. Those listed are subject to an asset freeze, and EU citizens and companies are prohibited from providing them with funds, financial assets, or economic resources. People on the list are also banned from entering or transiting through EU territories.

The EU first adopted a framework of restrictive measures on 8 October 2024 in response to Russia’s destabilising actions. 

The regime targets individuals and entities involved in policies and actions by the Russian government that undermine the EU’s security, stability, independence, and territorial integrity. It also covers those responsible for hybrid activities against third countries and international organisations.

In 2025, France attributed to the GRU cyberattacks targeting electoral processes, media, and other public and private critical entities, according to the EU High Representative's July statement. 

Romania also attributed a sophisticated hybrid attack that significantly impacted its electoral process to Russia, while GPS signal disruptions in several European countries have been linked to electronic warfare activities from Kaliningrad, including jamming and spoofing.

In May 2025, the EU expanded the sanctions to include tangible assets linked to Russia's destabilising activities, financial backers of such activities, and to allow the suspension of broadcasting licences for Russian media outlets spreading disinformation. 

The broadened scope now allows the EU to target vessels, aircraft, real estate, and physical elements of digital and communication networks, as well as transactions of credit institutions and entities providing crypto-assets services that facilitate Russia's destabilising activities.

On 18 July 2025, the EU’s High Representative condemned Russia’s persistent hybrid campaigns, which include cyber-attacks, sabotage, disruption of critical infrastructure, physical attacks, and information manipulation. 

The statement highlighted that such malicious behaviour has escalated since the start of Russia’s war of aggression against Ukraine and is expected to continue.

The EU and its member states reaffirmed that they will continue to use the full range of tools available to protect, prevent, deter, and respond to these threats.