The Commerce Department’s Bureau of Industry and Security (BIS) would introduce a new export control rule aimed at banning the export or resale of hacking tools to authoritarian regimes.
The rule announced by the BIS tightens export controls on technology that could be used by adversaries to conduct malicious cyber activities and surveillance of private citizens resulting in human rights abuse.
The rull will become effective in 90 days and will ban the export of “cybersecurity items” for National Security (NS) and Anti-terrorism (AT) reasons.
“Specifically, this rule establishes a new control on these items for National Security (NS) and Anti-terrorism (AT) reasons, along with a new License Exception Authorized Cybersecurity Exports (ACE) that authorizes exports of these items to most destinations except in the circumstances described. These items warrant controls because these tools could be used for surveillance, espionage, or other actions that disrupt, deny or degrade the network or devices on it.” reads the announcement published by the Bureau of Industry and Security, Commerce.
The new License Exception Authorized Cybersecurity Exports would allow the export, reexport and transfer (in-country) of ‘cybersecurity items’ to most destinations, while retaining a license requirement for exports to countries of national security or weapons of mass destruction concern. The license will be required for those countries subject to a U.S. arms embargo.
The complete list includes states of weapons of mass destruction or national security concern or subject to a U.S. arms embargo.
The rule is consistent with the result of BIS’s negotiations in the Wassenaar Arrangement (W.A.) multilateral export control regime and results from a review of comments from Congress, the private sector, academia, civil society, and other stakeholders.
U.S. Secretary of Commerce Gina M. Raimondo explained that the new rule aims at preventing the use of this technology by threat actors that could hit US computer networks threaten U.S. national security.
“The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights. The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities.” said U.S. Secretary of Commerce Raimondo.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Bureau of Industry and Security)
[adrotate banner=”5″]
[adrotate banner=”13″]
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…
Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…
Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…
GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a…
The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on…
This website uses cookies.