The Council today approved additional restrictive measures against six persons involved in cyber-attacks affecting information systems relating to critical infrastructure, critical state functions, the storage or processing of classified information and government emergency response teams in EU member states. For the first time, restrictive measures are being taken against cybercriminal actors that use ransomware campaigns against essential services, such as health and banking.