PRIA Logo
Take the PRIA Score
Title 22Foreign Relations and IntercourseRelease 119-73

§9524 Imposition of sanctions with respect to activities of the Russian Federation undermining cybersecurity

Title 22 › Chapter CHAPTER 102— - COUNTERING RUSSIAN INFLUENCE IN EUROPE AND EURASIA › Subchapter SUBCHAPTER I— - SANCTIONS AND OTHER MEASURES WITH RESPECT TO THE RUSSIAN FEDERATION › Part PART B— - SANCTIONS WITH RESPECT TO THE RUSSIAN FEDERATION › § 9524

Last updated Apr 6, 2026|Official source

Summary

Starting 60 days after August 2, 2017 (October 1, 2017), the President must punish people who knowingly carry out major cyberattacks for the Russian government, or who are owned, controlled by, or acting for those people. If someone knowingly helps, sponsors, or provides non-financial support for those attacks, the President must apply five or more sanctions listed in section 9529. If someone knowingly provides financial services for those attacks, the President must apply three or more sanctions listed in section 8923(c). The punishments can include using powers under the International Emergency Economic Powers Act to block and ban all transactions in any property in the United States, property that comes into the United States, or property controlled by a U.S. person. For foreign nationals, the President can deny visas, exclude them from the United States, and revoke their visas under section 1201(i) of title 8. The President can waive these rules only by sending Congress a written finding that the waiver is either in the vital national security interests of the United States or will help enforce this law, plus a certification that the Russian government has made significant efforts to reduce cyber intrusions. "Significant activities undermining cybersecurity" means major efforts to disable or damage computer systems, to steal or leak information to influence others or for theft of money, trade secrets, IDs, or financial data, and major destructive malware or denial-of-service attacks.

Full Legal Text

Title 22, §9524

Foreign Relations and Intercourse — Source: USLM XML via OLRC

(a)On and after the date that is 60 days after August 2, 2017, the President shall—
(1)impose the sanctions described in subsection (b) with respect to any person that the President determines—
(A)knowingly engages in significant activities undermining cybersecurity against any person, including a democratic institution, or government on behalf of the Government of the Russian Federation; or
(B)is owned or controlled by, or acts or purports to act for or on behalf of, directly or indirectly, a person described in subparagraph (A);
(2)impose five or more of the sanctions described in section 9529 of this title with respect to any person that the President determines knowingly materially assists, sponsors, or provides financial, material, or technological support for, or goods or services (except financial services) in support of, an activity described in paragraph (1)(A); and
(3)impose three or more of the sanctions described in section 8923(c) of this title with respect to any person that the President determines knowingly provides financial services in support of an activity described in paragraph (1)(A).
(b)The sanctions described in this subsection are the following:
(1)The exercise of all powers granted to the President by the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) to the extent necessary to block and prohibit all transactions in all property and interests in property of a person determined by the President to be subject to subsection (a)(1) if such property and interests in property are in the United States, come within the United States, or are or come within the possession or control of a United States person.
(2)In the case of an alien determined by the President to be subject to subsection (a)(1), denial of a visa to, and exclusion from the United States of, the alien, and revocation in accordance with section 1201(i) of title 8, of any visa or other documentation of the alien.
(c)The President may waive the initial application under subsection (a) of sanctions with respect to a person only if the President submits to the appropriate congressional committees—
(1)a written determination that the waiver—
(A)is in the vital national security interests of the United States; or
(B)will further the enforcement of this chapter; and
(2)a certification that the Government of the Russian Federation has made significant efforts to reduce the number and intensity of cyber intrusions conducted by that Government.
(d)In this section, the term “significant activities undermining cybersecurity” includes—
(1)significant efforts—
(A)to deny access to or degrade, disrupt, or destroy an information and communications technology system or network; or
(B)to exfiltrate, degrade, corrupt, destroy, or release information from such a system or network without authorization for purposes of—
(i)conducting influence operations; or
(ii)causing a significant misappropriation of funds, economic resources, trade secrets, personal identifications, or financial information for commercial or competitive advantage or private financial gain;
(2)significant destructive malware attacks; and
(3)significant denial of service activities.

Legislative History

Notes & Related Subsidiaries

Editorial Notes

References in Text

The International Emergency Economic Powers Act, referred to in subsec. (b)(1), is title II of Pub. L. 95–223, Dec. 28, 1977, 91 Stat. 1626, which is classified generally to chapter 35 (§ 1701 et seq.) of Title 50, War and National Defense. For complete classification of this Act to the Code, see

Short Title

note set out under section 1701 of Title 50 and Tables. This chapter, referred to in subsec. (c)(1)(B), was in the original “this title”, meaning title II of Pub. L. 115–44, Aug. 2, 2017, 131 Stat. 898, which is classified principally to this chapter. For complete classification of title II to the Code, see section 201 of Pub. L. 115–44, set out as a

Short Title

note under section 9501 of this title and Tables.

Reference

Citations & Metadata

Citation

22 U.S.C. § 9524

Title 22Foreign Relations and Intercourse

Last Updated

Apr 6, 2026

Release point: 119-73