Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

US Lawmakers Told of Security Risks From China-owned TikTok

US officials on Wednesday stepped up warnings about the potential security risks from the fast-growing, Chinese-owned TikTok as a lawmaker unveiled legislation to ban the social media app from government devices.

US officials on Wednesday stepped up warnings about the potential security risks from the fast-growing, Chinese-owned TikTok as a lawmaker unveiled legislation to ban the social media app from government devices.

At a Senate hearing, officials from the FBI, the Justice Department and Homeland Security said the video-sharing app could become another tool exploited by Chinese intelligence services.

Senator Josh Hawley, who convened the hearing, said he was introducing a bill to ban TikTok from all US government devices, calling it “a major security risk for the American people.”

TikTok, which is especially popular with teens, is believed to have been the most downloaded app worldwide last year, but US officials have expressed concern over its connections with the government in Beijing.

“TikTok is one example of an application where the average citizen doesn’t understand the implications of what’s behind it,” Clyde Wallace, an official in the FBI’s cyber division, told the hearing.

“It’s basically controlled by a state-sponsored actor.”

While the various data points collected by TikTok may not seem sensitive, Wallace said the information may be aggregated and “used for many purposes.”

In his written testimony, Wallace said Chinese-owned social media applications may collect personal data including biometrics, contact lists, location data and bank and credit card details.

Advertisement. Scroll to continue reading.

“Any and all data can be transferred to other locations and associated entities to include the Chinese parent company,” he said.

Bryan Ware, a cybersecurity official at the Department of Homeland Security, echoed those fears, saying that TikTok data could become part of a large database exploited by China.

“China has amazing programs in collection of data and developing artificial intelligence and analytics against that data for purposes that we don’t fully know… and that should give us great concern,” Ware said.

“There’s certainly no place for applications like TikTok on government devices and government networks.”

Adam Hickey, an assistant attorney general in the Justice Department’s security division, said the aggregation of data from TikTok “makes it easier for intelligence services to either recruit or hack into systems used by government employees.”

Samm Sacks, a cybersecurity fellow at the New America Foundation specializing in China, said Chinese regulations may enable the government to “essentially require anything that they want of these companies” even if some privately push back at the requests.

TikTok has said its operations were not influenced by the Beijing authorities.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Register

As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.