Microsoft, Facebook, HP, and a whole bunch of other major tech companies have signed a new Cybersecurity Tech Accord that aims to defend customers from malicious attacks by cybercriminal enterprises and nation-states. As part of the pledge, 34 companies agree not to help governments "launch cyberattacks against innocent citizens and enterprises" from around the world.
That includes not aiding the US government in such activities, though it doesn't appear to cover the kind of spying activities that former NSA contractor Edward Snowden revealed to the public. Even so, as noted by The New York Times, this can be seen as an effort by Silicon Valley to distance itself from cyberwarfare.
The effort is being spearheaded by Microsoft president Brad Smith.
"The devastating attacks from the past year demonstrate that cybersecurity is not just about what any single company can do but also about what we can all do together," Smith said in a statement. "This tech sector accord will help us take a principled path towards more effective steps to work together and defend customers around the world."
While this is a global effort, most of the companies participating are US firms, such as Cisco, Dell, and Oracle. The pact is also absent some notable names, including Apple and Google, both of which have butted heads with the government over encryption on consumer products. Amazon is not part of the accord, either.
The agreement outlines four areas that companies will work together to improve. They include protecting users and customers everywhere, opposing cyberattacks on innocent people and companies, helping users and customers to strengthen their own cybersecurity protection, and partnering with other groups that have the same goals and ideology.
This effort comes in the wake of two major ransomware attacks last year, including WannaCry, which mainly ravaged hospitals in the UK, and NotPetya, a variation of Petya that mucked with master boot records (MBRs) and the Windows bootloader before encrypting a user's data.
"We called on the world to borrow a page from history in the form of a Digital Geneva Convention, a long-term goal of updating international law to protect people in times of peace from malicious cyberattacks. But as we also said at RSA last year, the first step in creating a safer internet must come from our own industry, the enterprises that create and operate the world’s online technologies and infrastructure," Smith stated in a separate blog post.
In remains to be seen how effective this effort will be, especially without the cooperation of companies in places like China, North Korea, and Russia, all of which have been linked to cyberattacks in the past.
