Facebook, Microsoft, others vow not to aid state cyberattacks

Nearly three dozen tech companies have signed a pledge promising they won't help governments carry out cyberattacks.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
2 min read

Thirty-four companies have agreed not to help governments with cyberattacks.

Ian Knighton/CNET

The tech giants of the world are banding together with a new cybersecurity pledge.

At least 34 tech companies, including Facebook and Microsoft, have signed the Cybersecurity Tech Accord, vowing not to help governments carry out cyberattacks. The agreement comes after a whirlwind year of breaches, cyberattacks and vulnerabilities in 2017.

The accord would include protecting their products to ensure that state agencies can't exploit any weaknesses. WannaCry, the infamous ransomware attack that ensnared hospitals and universities in 2017, spread rapidly thanks to a Windows exploit first discovered by the National Security Agency.

State-sponsored attacks are a national security concern as government-backed hackers look to target elections, power grids and universities. On Monday, the US and UK released a joint warning that Russian hackers were targeting millions of routers around the world in preparation for a future cyberattack.

The accord is a message to governments, letting them know they won't be getting any help from tech companies for their cyberattacks. It's described as a "watershed agreement" from the firms that signed on.

"The devastating attacks from the past year demonstrate that cybersecurity is not just about what any single company can do but also about what we can all do together," Microsoft President Brad Smith said in a statement.

While the list includes multiple tech titans and security companies, a few notable names are missing, such as Google, Apple and Amazon. The accord said it's open to new members. Representatives from the three companies didn't respond to a request for comment.

Part of the agreement also means the 34 companies will share information with each other when a cyberattack does happen, coordinate vulnerability disclosures and create partnerships with security researchers.

Here are the companies that have signed the accord:

  • Facebook
  • Microsoft
  • HP
  • Dell
  • Cloudflare
  • Cisco
  • GitHub
  • LinkedIn
  • HPE
  • Nokia
  • Oracle
  • RSA
  • Symantec
  • Telefonica
  • Nielsen
  • Arm
  • Avast
  • Bitdefender
  • BT
  • CA Technologies
  • ABB
  • Datastax
  • Docusign
  • Fastly
  • FireEye
  • F-Secure
  • Guardtime
  • Intuit
  • Juniper Networks
  • SAP
  • Stripe
  • TrendMicro
  • VMWare
  • Tenable

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.

Blockchain Decoded:  CNET looks at the tech powering bitcoin -- and soon, too, a myriad of services that will change your life.