Esta es la versión HTML de un fichero adjunto a una solicitud de acceso a la información 'Documents: CM 4129 2020 / ST 12475 2020 / ST 12473 2020'.


 
  
 
 
 

Council of the 
 
 

 European Union 
   
 
Brussels, 29 October 2020 
(OR. en) 
    12475/20 
 
 
 
 
LIMITE 

 
CORLX 522 

CFSP/PESC 937 
 
 
RELEX 837 
CYBER 207 
JAI 883 
FIN 805 
 
PROPOSAL 
From: 
High Representative of the Union for Foreign Affairs and Security Policy, 
signed by Ms. Helga SCHMID, Secretary General 
date of receipt: 
29 October 2020 
To: 
Mr Jeppe TRANHOLM-MIKKELSEN, Secretary-General of the Council 
of the European Union 
Subject: 
Proposal of the High Representative of the Union for Foreign Affairs and 
Security Policy to the Council for a Council Implementing Regulation 
implementing Regulation (EU) 2019/796 concerning restrictive 
measures against cyber-attacks threatening the Union or its Member 
States 
 
 
Delegations will find attached document HR(2020) 166. 
 
Encl.: HR(2020) 166 
 
 
12475/20  
 
LJM/ia 
 
 
RELEX.1.C 
LIMITE 
EN 
 


HR(2020) 166 
Limited 
 
 
EUROPEAN EXTERNAL ACTION SERVICE 
 
GREFFE 
 
 
 
Proposal of the High Representative of the Union for Foreign Affairs and Security 
Policy to the Council 
 
 
 
 

of 29/10/2020 
 
 
 

 
for a Council Implementing Regulation implementing Regulation (EU) 2019/796 
concerning restrictive measures against cyber-attacks threatening the Union or its 
Member States 
 
 
 
 
 
 
 
 
 
 
HR(2020) 166 
Limited 
 
 
 
 
HR(2020) 166 
Limited 

 

HR(2020) 166 
Limited 
 
COUNCIL IMPLEMENTING REGULATION (EU) 2020/… 
of [dd/mm/2020] 
implementing Regulation (EU) 2019/796 concerning restrictive measures against cyber-
attacks threatening the Union or its Member States 
 
THE COUNCIL OF THE EUROPEAN UNION, 
Having regard to the Treaty on the Functioning of the European Union, 
Having regard to Council Regulation (EU) 2019/796 concerning restrictive measures against cyber-
attacks threatening the Union or its Member States (1), and in particular Article 13(1) thereof, 
Having regard to the proposal from the High Representative of the Union for Foreign Affairs and 
Security Policy, 
 
Whereas: 
(1) 
On 17 May 2019, the Council adopted Regulation (EU) 2019/796. 
(2) 
On 30 July 2020, the Council adopted implementing Regulation (EU) 2020/1125 (2), which 
added  six  natural  persons  and  three  entities  or  bodies  to  the  list  of  natural  and  legal 
persons,  entities  and  bodies  subject  to  restrictive  measures  in  the  Annex  I  to  Regulation 
(EU) 2019/796. 
(3) 
Updated information has been received for two listings. 
(4)  
Annex I to Regulation (EU) 2019/796 should therefore be amended accordingly, 
HAS ADOPTED THIS REGULATION: 
Article 1 
 
Annex I to Regulation (EU) 2019/796 is amended in accordance with the Annex to this Regulation. 
Article 2 
This  Regulation  shall  enter  into  force  on  the  day  following  that  of  its  publication  in  the  Official 
Journal of the European Union

                                                 
1 OJ L 129I, 17.05.2019, p. 1. 
2  Council  Implementing  Regulation  (EU)  2020/1125  of  30  July  2020  implementing  Regulation  (EU)  2019/796 
concerning restrictive measures against cyber-attacks threatening the Union or its Member States (OJ L 246, 30.7.2020, 
p. 4). 
 
HR(2020) 166 
Limited 

 

HR(2020) 166 
Limited 
 
 
This Regulation shall be binding in its entirety and directly applicable in all Member States. 
Done at Brussels, 
 
For the Council 
 
The President 
 
 
 
 
 
 
HR(2020) 166 
Limited 

 

HR(2020) 166 
Limited 
 
ANNEX 
In Annex I to Regulation (EU) 2019/796, under the subheading ‘A. Natural Persons’, entries 1 and 
2 are replaced by the following entries: 
 
A. Natural persons 
 
  
Name 
Identifying 
Reasons 
Date of 
information 
listing 
 
‘1.  GAO 
Date of birth: 4 
Gao Qiang is involved in “Operation Cloud 
30.7.2020 
Qiang 
October 1983 
Hopper”, a series of cyber-attacks with a 
significant effect originating from outside the 
Place of birth: 
Union and constituting an external threat to 
Shandong Province,  the Union or its Member States and of cyber-
China 
attacks with a significant effect against third 
Address: Room 
States. 
1102, Guanfu 
“Operation Cloud Hopper” targeted 
Mansion, 46 Xinkai 
information systems of multinational 
Road, Hedong 
companies in six continents, including 
District, Tianjin, 
companies located in the Union, and gained 
China 
unauthorised access to commercially 
Nationality: Chinese  sensitive data, resulting in significant 
economic loss. 
Gender: male 
The actor publicly known as “APT10” 
 
(“Advanced Persistent Threat 10”) (a.k.a. 
“Red Apollo”, “CVNX”, “Stone Panda”, 
“MenuPass” and “Potassium”) carried out 
“Operation Cloud Hopper”. 
Gao Qiang can be linked to APT10, including 
through his association with APT10 
command and control infrastructure. 
Moreover, Huaying Haitai, an entity 
designated for providing support to and 
facilitating “Operation Cloud Hopper”, 
employed Gao Qiang. He has links with 
Zhang Shilong, who is also designated in 
connection with “Operation Cloud Hopper”. 
Gao Qiang is therefore associated with both 
Huaying Haitai and Zhang Shilong 
 
 
HR(2020) 166 
Limited 

 

HR(2020) 166 
Limited 
 
2. 
ZHANG  Date of birth: 10 
Zhang Shilong is involved in “Operation  30.  30.7.2020’ 
Shilong 
September 1981 
Cloud Hopper”, a series of cyber-attacks 
with a significant effect originating from 
Place of birth: China  outside the Union and constituting an 
Address: Hedong, 
external threat to the Union or its Member 
Yuyang Road No 
States and of cyber-attacks with a 
121, Tianjin, China 
significant effect against third States. 
Nationality: Chinese  “Operation Cloud Hopper” has targeted 
information systems of multinational 
Gender: male 
companies in six continents, including 
companies located in the Union, and 
 
gained unauthorised access to 
commercially sensitive data, resulting in 
significant economic loss. 
The actor publicly known as “APT10” 
(“Advanced Persistent Threat 10”) (a.k.a. 
“Red Apollo”, “CVNX”, “Stone Panda”, 
“MenuPass” and “Potassium”) carried out 
“Operation Cloud Hopper”. 
Zhang Shilong can be linked to APT10, 
including through the malware he 
developed and tested in connection with 
the cyber-attacks carried out by APT10. 
Moreover, Huaying Haitai, an entity 
designated for providing support to and 
facilitating “Operation Cloud Hopper”, 
employed Zhang Shilong. He has links 
with Gao Qiang, who is also designated in 
connection with “Operation Cloud 
Hopper”. Zhang Shilong is therefore 
associated with both Huaying Haitai and 
Gao Qiang. 
 
 
 
 
 
 
 
 
HR(2020) 166 
Limited