The US, Russia, and -- three of today's major cyber-powers -- have not signed an agreement on rules and principles released at the Paris Peace Forum by President Emmanuel Macron.
The pact was signed by 51 countries, 72 companies which are part of The Cybersecurity Tech , 16 companies which are part of The Charter of , 136 other private companies, and 92 non-profit organization, universities, and advocacy groups.
The Paris Call for Trust and Security in Cyberspace, as the agreement has been named, is the most , coordinated effort to date to get countries to agree on a set of international rules for cyberspace -- a so-called Digital Geneva Convention.
Officer Brad Smith has been advocating for such a pact since 2017 after the exec had seen the damage done to the private sector by the NotPetya ransomware outbreak, which was later proved to the work of Russian state cyber-operatives attempting to wreak havoc Ukraine.
The UK, Iran, and North didn't sign either
Besides the US, China, and Russia, and didn't sign the pact either. Only Canada and the UK were the only countries from the Five Eyes intelligence sharing to sign the pact.
Other countries with important and cyber units that didn't sign the pact include Iran, Israel, and North Korea.
Without the signatures of these "heavy hitters," the pact is useless, albeit many suspect it was only a PR stunt. The pact was signed a day after world leaders celebrated 100 years since the end of World War I.
The pact doesn't include any penalties for those who signed yet have broken the agreement's clauses. The document is more of a charter and declaration of intent to sign a future, more comprehensive agreement.
The Paris Call for Trust and Security in Cyberspace proposes the following measures and steps:
- Prevent and recover from malicious cyber activities that threaten or cause significant, indiscriminate or systemic harm to individuals and critical infrastructure;
- Prevent activity that intentionally and substantially damages the general availability or of the public core of the Internet;
- Strengthen our capacity to prevent malign interference by foreign actors aimed at undermining electoral processes through malicious cyber activities;
- Prevent ICT-enabled theft of intellectual property, including trade secrets or other confidential information, with the intent of providing competitive advantages to companies or sector;
- Develop ways to prevent the proliferation of malicious ICT and practices intended to cause harm;
- Strengthen the security of digital processes, products and , throughout their lifecycle and supply chain;
- Support efforts to strengthen an advanced cyber hygiene for all actors;
- Take steps to prevent non-State actors, including the private sector, from hacking-back, for their own purposes or those of other non-State actors;
- Promote the widespread acceptance and implementation of international of responsible behavior as well as confidence-building measures in cyberspace.
- Adobe ColdFusion servers under attack from APT group
- US Cyber Command starts uploading foreign APT malware to VirusTotal
- NSA: China is violating antihacking deal it made with US CNET
- Cambodia's ISPs hit by some of the biggest DDoS attacks in the country's history
- The United Nations: "We're all facing the same global cyber-threat"
- Ahead of US midterms, Facebook removes 30 accounts and 85 Instagram profiles