The field of international relations has been tensed over the last few days after events in and around Syria.
Russia has been blamed by Britain and the U.S. for global cyber attacks, according to Reuters.
“Washington and London issued a joint alert saying the campaign by Russian government-backed hackers was intended to advance spying, intellectual property theft and other ‘malicious’ activities and could be escalated to launch offensive attacks.”
A year ago, Microsoft’s Brad Smith called for a global ‘’Geneva Convention’’ on cyberwarfare.
Smith emphasized on the need for international cooperation. “While there is no perfect analogy, the world needs an organization that can address cyber threats in a manner like a role played by the International Atomic Energy Agency in the field of nuclear non-proliferation. This organization should consist of technical experts from across governments, the private sector, academia and civil society with the capability to examine specific attacks and share the evidence showing that a given attack was by a specific nation-state. Only then will nation-states know that if they violate the rules, the world will learn about it.”
That initiative saw 34 leading companies promising equal protection for customers worldwide. According to Cybersecurity Tech Accord’s website, they came together this week to make a pledge “to defend against misuse of their technology; promise to protect all customers regardless of nationality, geography or attack motivation.”
The companies made commitments in four areas.
They will mount a stronger defense against cyber attacks. As part of the initiative, they acknowledged that everyone deserves protection. The companies pledged to protect all customers worldwide regardless of the motivation behind the online attacks.
The companies will not help any government launch cyber attacks against innocent citizens and enterprises. They will protect against tampering or exploitation of their products and services in every stage of technology development, design, and distribution.
They will do more to empower the developers, people, and businesses that use their technologies. The companies would help them improve their capacity to protect themselves. This may include joint work on new security practices and new features that the companies can deploy in their individual products and services.
These global companies will build on existing relationships. They would establish new formal as well as informal partnerships with industry, civil society, and security researchers. The motive behind this effort is to improve technical collaboration, coordinate vulnerability disclosures, share threats, and minimize the possibility of malicious codes to be introduced into the cyberspace.
The list of signatories was as notable for those who have joined—Facebook, Arm, Trend Micro, Cisco, Juniper, Microsoft, Dell—as for those whose absence has been commented on—Apple, Google. Equally telling is the fact that none of them are from countries that are accused of state-sponsored activities or being a “safe base” for criminal operations.
This is perhaps the last gasp of the “wild west” internet. The self-policing, self-sufficient pioneering days are gone. The settlers have arrived together with those who would exploit them. However, the entire machinery of government, law enforcement, and protection for citizens is beginning to assemble.
It is not time yet, though, to assume that the safeguards are in place and that you can rely on the internet being policed and protected. The takeaway is that we all must be more vigilant about our digital life, digital presence, and digital assets. We must take as much care on the mean streets of the web as we do in the real world.