The recent leak of Pentagon documents included the suggestion that China is developing sophisticated cyber attacks for the purpose of disrupting military communication satellites. While this is unconfirmed, it is certainly possible, as many sovereign nations and private companies have considered how to protect from signal interference.
Expert: TikTok could be a risk to national security
Expert: TikTok could be a risk to national security
Expert: TikTok could be a risk to national security
Although TikTok users consider the app harmless fun, a growing number of cybersecurity experts and elected officials aren’t so sure.
“Many people don’t realize that they, their friends, family, neighbors, or associates are likely to have something that the Chinese government wants and that can compromise or damage the United States,” says Anton Dahbura.
More than 86 million Americans use the social media app TikTok to create, share, and view short videos, featuring everything from cute animals and influencer advice to comedy and dance performances.
Concerned experts point out that TikTok’s parent company, the Beijing-based ByteDance, has been accused of working with the Chinese government to censor content and could also collect sensitive data on users.
To date, at least 14 of the United States have enacted legislation or created rules blocking government computers’ access to the app, and a bipartisan bill introduced in December in Congress seeks a ban on the app for all US users.
Christopher Wray, FBI director, spoke publicly on the issue last month, warning that control of the popular social media app is in the “hands of a government that doesn’t share our values.”
Cybersecurity expert Anton Dahbura, executive director of the Johns Hopkins University Information Security Institute, discusses the issue here:
Critics of TikTok warn that it could be used to collect data
on millions of users. Is this a realistic worry?
Yes, it’s very much a realistic concern. For instance, basic information such as the locations of users of the app can be used by foreign actors to determine whether someone works in a facility that may be of interest, such as a military or other government facility. But manufacturing, high tech, food production, educational institutions, and many other facilities are also of interest. For instance, the Chinese government was accused of a data breach of a Marriott Hotel customer database, allegedly to find out who had been staying there.
The Chinese government has a long history of intellectual property theft, so the scope of what they’re looking for goes well beyond classified information or disruptive attacks, but extends to industrial espionage to obtain proprietary information. And they can quickly sort through millions of records to find the persons that are of interest to them. They have the ability to connect people, so their interest isn’t limited to people who actually work at key facilities, but also their friends, and even people who live nearby or in the same building. Once they have a person of interest, they can use them in different ways to obtain what they want, such as gaining access through nefarious means to an enterprise system where the person works by launching very specific phishing attacks against the person. Sooner or later, they’ll find a way in.
The average person may find it hard to believe that the Chinese government would have any interest in their information. Should they be more concerned?
The Chinese government has the resources to assemble information in ways that most of us haven’t thought of. Many people don’t realize that they, their friends, family, neighbors, or associates are likely to have something that the Chinese government wants and that can compromise or damage the United States. As they say, it’s far better to be safe than sorry.
Some warn that using TikTok could expose Americans to information requests from the Chinese government, though TikTok claims it rigorously protects users’ information and outlines its privacy policies when users enroll. Should users feel their information is secure?
Although the legal aspects of this are outside of my areas of expertise, I would venture to say that all bets are off when it comes to the Chinese government gaining access to Americans’ personal information, regardless of the attempts to set up a legal framework for that access. Any potential security threat would certainly supersede a user agreement.
Some have raised the issue that the app could be used to compromise/alter the software of TikTok users’ devices, potentially even taking control of those devices. Is this a realistic concern?
It’s a possibility, although in the case of the Chinese government, their primary motive is the acquisition of information. They have figured out how to tie pieces of information together for their purposes in ways that most of us had never imagined. FBI Director Christopher Wray has expressed general concerns about the Chinese government having access to the software in phones for cyber operations such as espionage or disruption of computers, mobile devices, and critical infrastructure, but there hasn’t been a specific revelation about this.
How about the notion that ByteDance could manipulate and curate content intended to influence Americans’ views on issues important to China?
This is an issue that we should be concerned about across all social media platforms. There hasn’t been any specific information by the US authorities about TikTok manipulating content. Although FBI Director Wray has expressed general concern, I believe that for the moment we should focus on the larger issue of bias in social media in general, especially when the bias and/or misinformation is amplified by the algorithms the companies use to manage the flow of content.
Why are people so concerned about TikTok and not about Chinese-manufactured Apple products?
The difference is that FBI Director Wray raised the specific issue regarding TikTok and referred to TikTok as a “serious threat.” Of course, the US government has banned the sale and import of communications from a number of telecommunications companies, including Huawei, so when there is a credible threat, we’re seeing the US government take decisive action. To my knowledge, there is no concern about Apple products that are manufactured in China.
Republished from Futurity under a Creative Commons license in the United States. Read the original article.
Lisa Ercolano is the senior writer for the magazine. Prior to joining the Whiting School in 2013, she spent nine years as a media relations representative for the university’s Office of Communications, where she wrote about astronomy and physics, biology, chemistry, psychology, and neuroscience. Her work has appeared in The Baltimore Sun and Tribune Co. newspapers.
Related Articles
Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction
The Wisconsin shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate suffered a ransomware attack last week that delayed production across the shipyard, USNI News has learned.
Fincantieri Marinette Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown professional group, two sources familiar with a Navy summary of the attack told USNI News on Thursday.
There’s no place for impunity in cyberspace
Two years ago, I had the opportunity to chair the first-ever official UN Security Council meeting on cybersecurity. Almost everyone there stressed that all states have already agreed that international law, including the UN charter in its entirety, applies in cyberspace. Only two countries did not. Half a year later, one of those countries, Russia, started its full-scale aggression against Ukraine and violated every rule in the book. For years, we heard predictions that the next big war would be a kind of cyber Armageddon. But instead, Russia brought back large-scale conventional war.