In the wake of a significant increase in worldwide cyberattacks, US authorities revealed long-awaited new guidelines on Wednesday aimed at limiting the export of hacking equipment to countries like Russia and China.
The restrictions, which are slated to take effect in 90 days, would make it illegal to sell specific software or gadgets to a list of countries unless they were approved by a Commerce Department division.
“The United States opposes the use of technology to violate human rights or engage in other destructive cyber operations,” the Commerce Department said in a statement. “These new standards will help guarantee that US corporations are not fuelling authoritarian practises.”
The news comes just days after US government statistics revealed that $590 million in ransomware-related payments were reported to Washington in the first half of 2021 alone, establishing a record for the decade.
According to the US Treasury study, the sum was also 42 percent higher than the amount disclosed by financial institutions for the entire year of 2020, and there are strong indications the true cost could be in the billions.
Despite Moscow’s denials, Russian-speaking hacking organisations or those operating from Russian territory have been accused for the majority of recent ransomware assaults against the United States.
When selling to places deemed “countries of national security or weapons of mass destruction concern,” or which are currently under an arms embargo, a licence would be necessary under Commerce’s new requirements.
The United States, along with Israel, has long been a prominent player in the cybersecurity business.
The Department of Commerce’s new rules have been in the works for years, as authorities struggled to strike a balance between legitimate uses of technology, such as cyber protection, and criminal exploitation.
The rules can be challenging due to the intricacy of the technology and the variety of usage, as they distinguish between governments, defensive purposes, and private individuals.