These large tech companies vow not to aid government cyber attacks
Although Microsoft and Facebook pledged their allegiance to the agreement, there were some notable absentees from Silicon Valley Image: REUTERS/Hannibal Hanschke
Microsoft, Facebook and more than 30 other global technology companies on Tuesday announced a joint pledge not to assist any government in offensive cyber attacks.
The Cybersecurity Tech Accord, which vows to protect all customers from attacks regardless of geopolitical or criminal motive, follows a year that witnessed an unprecedented level of destructive cyber attacks, including the global WannaCry worm and the devastating NotPetya attack.
“We recognize that we live in a new world,” Microsoft President Brad Smith said during a speech on Tuesday at the RSA cyber security conference in San Francisco. “We’re living amidst a generation of new weapons, and where cyberspace has become the new battlefield.”
Smith, who led efforts to organize the alliance, said the devastating cyber attacks in 2017 demonstrated the need for the technology sector to “take a principled path toward more effective steps to work together and defend customers around the world.”
It was not clear whether any companies would change their existing policies as a result of joining the accord.
Microsoft did not immediately respond to a series of questions about the accord, including whether the company had previously participated in government-sponsored offensive cyber operations or how the pledge would impact compliance with lawfully obtained surveillance orders in the United States or elsewhere.
The accord also promised to establish new formal and informal partnerships within the industry and with security researchers to share threats and coordinate vulnerability disclosures.
It builds on an idea for a so-called Digital Geneva Convention that Smith rolled out at least year’s RSA conference, a proposal to create an international body to protect civilians from state-sponsored hacking.
Countries, Smith said then, should develop global rules for cyber attacks similar to those established for armed conflict at the 1949 Geneva Convention that followed World War Two.
In addition to Microsoft and Facebook, 32 other companies signed the pledge, including Cisco, Juniper Networks, Oracle, Nokia, SAP, Dell and cyber security firms Symantec, FireEye and Trend Micro.
The list of companies does not include any from Russia, China, Iran or North Korea, widely viewed as the most active in launching destructive cyber attacks against their foes.
Major U.S. technology companies Amazon, Apple, Alphabet and Twitter also did not sign the pledge.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
Stay up to date:
The Digital Economy
Forum Stories newsletter
Bringing you weekly curated insights and analysis on the global issues that matter.
More on Industries in DepthSee all
Jane Sun
December 18, 2024