The Department of Commerce restricts trade with four Russian IT and cybersecurity companies together with two additional entities, based on the latest document issued on Friday 16th of July, because of suspicions that these corporations constitute a threat to the US national security.
On Friday, six Russian corporations were added to the Department's Entity List, build off sanctions enforced by the Treasury Department in April, claiming these companies and other organizations are in line with or help Russia's intelligence agencies.
Since these organizations have appeared on the Entity List, the Department of Commerce will require them to seek a special license to do business with US companies or to receive supplies and components from American companies.
The Russian organizations that are now on the list of companies managed by the Commerce Department's Bureau of Industry and Security include:
- Aktsionernoe Obschchestvo Past: An IT company that reportedly conducted research and development for the country's Foreign Intelligence Service;
- Federal State Autonomous Institution Military Innovative Technopolis Era: A research center and technology park operated by the Russian Ministry of Defense;
- Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA): A state-owned institution believed to support malicious cyber activity;
- Aktsionernoe Obshchaestvo AST;
- Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz, or JSC Positive Technologies;
- Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit;
As per the Commerce Department, IT companies like, AST, Positive Technologies, and Neobit have also worked with the Russian Government.
In April, Treasury Department sanctions indicated Russian technology, security organizations, and research companies reportedly engaging in cyber campaigns with the Russian Foreign Intelligence Service, often referred to as the SVR, as well as other Russia's agencies, which includes the GRU.
The government of Biden sought to curtail the cyber activities in the country while responding to frequent events - along with a large-scale attack on the software provider Kaseya with remote management software this month - that the Russian-speaking group of REvil is accused of carrying out.
“Treasury is leveraging…[its] authority to impose costs on the Russian government for its unacceptable conduct, including by limiting Russia’s ability to finance its activities and by targeting Russia’s malicious and disruptive cyber capabilities," Treasury Secretary Janet L. Yellen said at the time.
The department also noted: "The Russian Intelligence Services have executed some of the most dangerous and disruptive cyberattacks in recent history," including the 2020 SolarWinds incident, a supply chain attack that ultimately affected several U.S. agencies.
The Treasury Department has also criticized the Kremlin for its electoral intervention to poison Kremlin's opponent Aleksei Navalny, and for robbing a U.S. security firm, among other recent measures, of "red team tools" – imitations of cyber-attack. The Kremlin refused these claims.
On Thursday, the State Department also announced that it will now reward the country's key infrastructure with up to $10 million for information concerning cyber-threats.
In addition, a website named 'StopRansomware' was revealed by the Homeland Security Department and the Justice Department, which is intended to be a primary platform for building ransomware-fighting tools from all government departments.
Further, Biden added that the U.S. government is prepared to take "any necessary action to defend its people and its critical infrastructure in the face" of ongoing cyberattacks.