BIS finalizes export control rule covering cybersecurity activities

The Commerce Department’s Bureau of Industry and Security on Wednesday issued a rule tightening export controls on “malicious cyber activities,” implementing 2013 additions to the Wassenaar Arrangement. The interim final rule, set to take effect 90 days after it is published in the Federal Register, covers intrusion software and technology used to develop, produce or use intrusion software. BIS in 2015 initially proposed a rule to implement the 2013 Wassenaar Arrangement changes but received substantial pushback from stakeholders over its...