The US Commerce Department has released new rules designed to stop companies from selling hacking tools to China, Russia and other countries that may use them for nefarious purposes.
The new rules, which come into effect in 90 days and were pushed by the department’s Bureau of Industry and Security (BIS), govern the “export, reexport, or transfer (in-country) of certain items that can be used for malicious cyber activities.”
Companies would be barred from selling some technology to certain countries without a specific license from BIS.
US Secretary of Commerce Gina Raimondo said in a statement that the US is “committed to working with our multilateral partners to deter the spread of certain technologies that can be used for malicious activities that threaten cybersecurity and human rights.”
“The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities,” Raimondo said.
The rule additionally certifies a new License Exception Authorized Cybersecurity Exports (ACE) which the department is now looking for public comment on. The Commerce Department is looking for outside experts to let them know about how the rule will impact US companies and the