US Adds Russian Cybersecurity Firms To Trade Blacklist

The US has added a number of Russian cybersecurity entities to a trade blacklist as it looks to crack down on digital crime and respond to a series of disruptive hacks it blames on Russia.

The US Commerce Department said it would restrict trade to four information technology companies and two other entities over “aggressive and harmful” activities, including digital espionage.

The country holds the Russian government to blame over the activities, while Russia denies involvement.

The six organisations were previously sanctioned by the US Treasury Department in April, the Commerce Department said, in a move that targeted tech companies that support the Russian intelligence services.

Hacking reprisal

The organisations’ addition to the Commerce Department’s blacklist means US companies cannot sell to the firms without a licence, with such licences rarely being granted.

The April sanctions were intended as retribution for Russian hacking activities, its interference in last year’s US election, the poisoning of dissident Alexei Navalny and other alleged activities, all of in all of which Russia denies involvement.

The April sanctions were, in part, in response to last year’s hack of IT firm SolarWinds that allowed government-backed intruders to access the systems of US federal agencies and private companies.

More recently, the hack of Florida IT firm Kaseya by Russia-based ransomware gang REvil disrupted the systems of more than 1,000 companies in the US and elsewhere.

The entities added to the blacklist include Russia-based IT security firms AST, Neobit and Positive Technologies, which have clients including the Russian government, the Commerce Department said.

‘Ethical exchange’

Another IT company added to the list, Pasit, allegedly carried out research and development in support of malicious cyber operations by Russia’s Foreign Intelligence Service.

Also added to the list were Federal State Autonomous Scientific Establishment Scientific Research Institute Specialised Security Computing Devices and Automation (SVA), a Russian state-owned institution that allegedly supported malicious cyber operations, and

Federal State Autonomous Institution Military Innovative Technopolis Era, a research centre and technology park operated by the Russian Ministry of Defence.

Positive Technologies said the Commerce Department announcement provided no new information.

The company said it engages in the “ethical exchange of information with the professional information security community” and has never been involved with an attack on US infrastructure.

Espionage links

In April, when the Treasury sanctions were announced, then-Assistant Attorney General John Demers said investigators were looking at “a known connection between a particular company and the Russian intelligence services”.

Non-Russian companies with operations in Russia were also being examined, he said.

The US said last week it would offer a reward of up to $10 million (£7m) for information on those engaging in cyber-attacks on US critical infrastructure.