- What is AI networking? How it automates your infrastructure (but faces challenges)
- I traveled with a solar panel that's lighter than a MacBook, and it's my new backpack essential (and now get 23% off for Black Friday)
- Windows 11 24H2 hit by a brand new bug, but there's a workaround
- This Samsung OLED spoiled every other TV for me, and it's $1,400 off for Black Friday
- How to Protect Your Social Media Passwords with Multi-factor Verification | McAfee Blog
US to Ban Export of Hacking Tools to Authoritarian States
The US government has issued new rules designed to prevent the export of hacking and surveillance tools to regimes guilty of human rights abuses.
The “interim final rule” was released by the Commerce Department’s Bureau of Industry and Security (BIS) and will go into force in 90 days,
Governments singled out by the proposals are “of concern for national security reasons” or subject to an arms embargo.
Restrictions will also apply if the exporter knows that the product will be used to impact the confidentiality, integrity or availability of IT systems without the knowledge of their owner/administrator.
“The United States is committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights,” said commerce secretary Gina Raimondo.
“The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities.”
The move will do nothing to impact the export of hacking tools from other countries to authoritarian regimes. Controversial spyware developer NSO Group is headquartered in Israel, for example.
The cybersecurity community has 45 days to comment on the proposals. They include a License Exception Authorized Cybersecurity Exports (ACE) designed to ensure products can still be sold to “most destinations” unhindered.
The latest action by BIS comes as a result of BIS’s negotiations in the multilateral Wassenaar Arrangement, which governs export controls. The long-running treaty has been criticized in the past for adding unnecessary red tape for cybersecurity vendors wanting to export their products abroad.
Several years ago, it was claimed the rules could even restrict the sharing of vulnerability information globally between legitimate threat researchers.
Full details of the new BIS interim final rule are available here.
