The United States government is planning to ban the international sale of hacking tools to authoritarian governments. This rule was announced this week, and was likely an effort to minimize the amount of foreign hackers attacking US systems.
This law essentially limits private businesses from selling equipment that could be used to hack or infiltrate US systems, essentially implementing an item-specific embargo on certain countries like Russia or China (though these countries weren't mentioned by name).
While this is a solid law in theory, some people have met this announcement with a distinct lack of enthusiasm, saying that it's akin to a band-aid over a bullet wound. The US has been subject to countless cyber attacks from foreign agents, many of which believe to be direct results from business like this.
Why Has the US Banned Hacking Tools?
In an announcement from the US Department of Commerce, the US has stated that they will be establishing controls on the export, reexport, and overall transfer of devices that can be used for malicious cyber activity, like hacking US government services or even private businesses.
“The United States Government opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and these new rules will help ensure that U.S. companies are not fueling authoritarian practices.”
The reason that the US doesn't want foreign agents to have hacking materials is obvious, but why have they made this move now rather than earlier?
It has seemed recently that the US government has been subjected to hundreds of attacks, and now they're slowly making efforts to push back. And this isn't just pushing back on efforts against the US government. Russian hack groups have started to set their sights on private finance businesses, which might be lighting a fire under the US government to address the situation.
What Is the Reception to this Ban?
On paper, this is a good idea. Banning hacking tools from authoritarian governments is a great idea for any country looking to strengthen its own cybersecurity. However, a lot of people are viewing this as closing the barn doors after the horses have escaped.
Reddit user u/Dan_from_Japan scored the top comment with a simple but scathing “This is the most ‘day late and a dollar short' headline of all time,” with a similar but more lengthy response about this is too little too late.
While these comments are just two individuals, the sentiment spans across multiple users and people across the internet. The US has experienced multiple attacks over the past decade, including in-depth speculation about their interference in the 2016 election, in which Trump was the victor.
While it truly is better late than never, the fact that the US ever allowed companies within to sell harmful devices to foreign entities is quite alarming, and the fact that it's banned now probably won't slow anything down, as the tools are already in the hands of the foreign hackers.
The Future of Cybersecurity
While state-sponsored foreign hackers mainly go after government systems, there's no shortage of foreign (or even local) hackers attempting to infiltrate businesses and personal accounts.
If you're worried about hackers and cybersecurity, there are a couple of paths you could take, all of which we strongly recommend. The most common method of hack prevention would be anti-virus software, which can stop malicious ransomware or viruses from harvesting your data or implanting backdoors into your systems.
To strengthen your security even more, you can also install a VPN, which will encrypt and hide your browsing data from any prying eyes (be they governmental or criminal). Lastly, you should make sure all your passwords are as secure as possible, and keep track of them within a password manager. Password managers are a secure way of storing account information in a safe space that only its user can access.