Any government or state agency — domestic or foreign — wishing to carry out a cyberattack will not be getting any help from Facebook, Microsoft, and a slew of 32 other technology companies that have signed the Cybersecurity Tech Accord. Instead, these firms pledge to design products to protect users against cyberattacks.
Although considered a watershed agreement because of the number of signatories, there are still a few notable tech companies absent from the list, including Apple, Google, and Amazon.
Microsoft President Brad Smith views the agreement as a digital Geneva Convention, according to The New York Times.
“We will strive to protect all our users and customers from cyberattacks — whether an individual, organization or government — irrespective of their technical acumen, culture or location, or the motives of the attacker, whether criminal or geopolitical,” the companies said. Additionally, they also strive to oppose cyberattacks, empower users to strengthen cybersecurity protection, and collaborate to enhance cybersecurity.
Also absent from the Cybersecurity Tech Accord are companies from nations that have been responsible for some of the most “devastating attacks of the past year,” Smith said in his interview with the Times, including Russia, North Korea, Iran, and China.
Because American companies are often the first responders to cyberattack issues — Microsoft was seen as an instrumental force in taking down WannaCry, an attack that targeted the British health system — Smith argued that the U.S. has to take leadership. “We need to approach this in a principled way, and if we expect to get governments to do that, we have to start with some principles ourselves.”
“Over the last two years, the accelerating cost of cybercrime means that it is now 23 percent more than last year and is costing organizations, on average, $11.7 million,” Accenture reported. In fact, the number of ransomware — like WannaCry and NotPetya — has also doubled from the year prior.
The accord pledges to “protect against tampering with and exploitation of technology products and services during their development, design, distribution and use.” This is seen as a pushback by the technology industry after former National Security Agency contractor Edward Snowden revealed that the United States government may be intercepting computer hardware and injecting software to collect data.
With elections, power grids, and institutions like universities and hospitals vulnerable, state-sponsored cyberattacks remain a national security concern. The U.S. and U.K. governments released a joint warning earlier this week that Russian hackers are planning an attack on routers around the world for a future cyberattack.
Smith said that the Trump administration has been briefed on the accord.