According to a published document last Friday, the US Department of Commerce has restricted trade with six Russian organizations, four of which are information technology and cybersecurity firms, including two other entities that are allegedly posing a threat to the US national security.
The six Russian firms added to the Entity List of the Department of Commerce build off imposed sanctions by the US Department of Treasury last April, claiming that the mentioned firms are aligned or are currently assisting Russian intelligence services.
Placing these organizations on the Entity List of the Department of Commerce means they are required to apply for a special license to do business with US companies or receive supplies and components from any American firm.
The following Russian organizations have been added to the Entity List maintained by the Bureau of Industry and Security of the Commerce Department:
- Federal State Autonomous Institution Military Innovative Technopolis Era
- Aktsionernoe Obschchestvo Pasit
- Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA)
- Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, or JSC Positive Technologies
- Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit
- Aktsionernoe Obshchaestvo AST
According to the Commerce Department, AST, Positive Technologies, and Neobit are IT firms that have worked previously and are still connected with the Russian government.
The Treasury Sanctions
Last April, the Department of Treasury issued sanctions to the Russian-based tech, research, and security companies allegedly working with the SVR or Russian Foreign Intelligence Service and other Russian government agencies, including GRU or Main Intelligence Directorate, on cyber attack campaigns.
By Sanctioning Russia this 2021, the Biden administration is attempting to curb the Russian cyber-attack operations against the US. This is also a response to the increasing incidents and frequency of large-scale ransomware attacks on software vendors such as Kaseya, suspected to have been conducted by REvil, a Russian-speaking hacking group.
In their defense, Positive Technologies told Reuters last Friday that their firm has never been involved with a cyberattack or campaign against any US Infrastructure.
More Federal Measures
Last Thursday, the Department of State had announced that it will now offer rewards of up to $10 million for valid information about the cyber threats to the federal nation’s critical infrastructure.
The Homeland Security Department and the Department of Justice have also announced a new website called “StopRansomware,” a central hub for consolidating ransomware fighting resources for all federal government agencies and organizations.
Concerning the Kaseya attacks, President Biden spoke with Russian President Vladimir Putin during the Geneva summit on July 9 about the Russian government’s repeated demands to crack down on the cybercriminal activities conducted within their borders.
President Biden added that the US government is prepared to take any necessary action to protect and defend its people and its critical infrastructure in the face of ongoing cyberattacks.