EU Sanctions Chinese iSoon and Iranian Emennet Pasargad Threat Actors Targeting European Interests
What Happened — The European Union officially sanctioned three cyber‑crime entities—China’s Integrity Technology Group and iSoon (Anxun Information Technology), and Iran’s Emennet Pasargad (Anzu Team/Holy Souls)—freezing their assets and banning EU entities from doing business with them. Senior executives Wu Haibo and Chen Cheng of iSoon were also barred from entering the EU.
Why It Matters for TPRM —
- State‑backed actors are now on an EU watch‑list, increasing scrutiny of any third‑party relationships that could expose supply‑chain risk.
- Vendors with ties to the listed entities may face compliance, contractual, and reputational consequences.
- The sanctions underscore the need for continuous monitoring of geopolitical threat actors affecting critical sectors such as finance and media.
Who Is Affected — Financial services, media publishers, advertising platforms, and any EU‑based vendors that source technology or services from Chinese or Iranian suppliers.
Recommended Actions — Review contracts for any exposure to the sanctioned entities, validate that no payments or data flows involve them, and update third‑party risk registers to reflect the new EU sanctions.
Technical Notes — The sanctions target groups known for credential‑theft, data exfiltration, and propaganda campaigns (e.g., Charlie Hebdo subscriber database breach, Paris Olympic billboard hijack). No specific CVEs are cited; the threat is actor‑based. Source: DataBreachToday