,

Is TikTok a Security Risk? Here’s What We Know

June 8, 2020 • Zachary Amos

Advertisements

TikTok is a social media platform with hundreds of millions of active users around the world. Many of TikTok’s short clips feature upbeat music, wacky dances and people engaging in unusual activities to compete in challenges. That all sounds fun, but recent evidence has people wondering about TikTok security risk potential. Here’s an overview of some concerns associated with the platform. 

U.S. Officials Conducted a National Security Review

TikTok’s owner is a Chinese company called ByteDance. The enterprise acquired the platform — then called musical.ly — in November 2017. The transaction ranged from between $800 million to $1 billion, so certainly a sizeable sum. 

The Committee on Foreign Investment in the United States launched an evaluation of the business deal at the end of 2019 to look for a TikTok security risk to national security. One of the lawmakers who urged the closer look said the American government had evidence of the app sending data to China. A ByteDance representative denied that allegation but said the company would cooperate with the review. 

Soon after that news broke, several government agencies warned employees not to use TikTok on their work devices. That alert came after the Department of Defense (DoD) reportedly issued a non-classified memo openly discussing the TikTok security risk.

Cybersecurity Researchers Uncovered Other Vulnerabilities

Online security experts also wanted to scrutinize TikTok’s coding and functionality to look for possible security flaws. In January 2020, a team at Check Point Research found several. Their coverage of the security shortcomings highlighted the damage hackers could cause to a targeted person’s account. Most of the findings related to account manipulation. 

For example, the researchers indicated that a breach could let the perpetrator delete someone’s videos, upload unauthorized videos, reveal content the user set as private and publicize account details, such as someone’s email address. 

Then, in April 2020, another research team concluded that TikTok’s content delivery network (CDN) uses the nonencrypted HTTP protocol to transfer its media rather than HTTPS, which is secure. The investigators acknowledged that HTTP improves the media transfer performance, but said it compromised user security. Malicious parties can track HTTP traffic and tamper with it by switching out published videos with different ones. 

Fact Checks Determined the TikTok Security Risk Isn’t Unique

TikTok was in the spotlight again in May 2020 when USA Today responded to a viral Facebook post first appearing on April 6. It alleged that TikTok is not secure, and that hackers and traffickers use it extensively. The fact check — enabled in part via a Facebook grant — did not find frequent use of the alleged activities.

It also mentioned that, while the TikTok security risk was real, the platform representatives said they fixed them after becoming aware of the problems. Furthermore, the fact-checkers clarified that any social media usage carries security risks with it. Their research showed that TikTok was not less secure than other sites. 

How Can You Stay Safe While Using TikTok?

People who want to use TikTok safely can start by practicing good internet habits. For example, they should pick strong passwords that are not easy for others to guess. Moreover, they should not leave their devices unattended and always put password protection on them. 

TikTok also offers documentation about its privacy settings on its official website. You can set up restrictions about types of communications, such as comments and direct messages. Also, if you’re reading this due to concern about a young son or daughter using TikTok, consider reading the site’s guidance for parents, which includes details on how to make a profile private. 

Another thing to keep in mind is the potential for exposure to dangerous or misleading content. A Wall Street Journal article discussed how Islamic State militants used TikTok to spread propaganda videos. The platform quickly removed them. 

Other people have weighed in to say that TikTok has more politics-centered posts than it once did. Additionally, whereas other sites have content moderators, some experts familiar with TikTok said it didn’t seem like the site employed fact-checkers. That could mean unverified content spreads more rampantly on TikTok, which could be dangerous for people who won’t take it upon themselves to dig deeper. 

Remain Alert to Avoid the TikTok Security Risk

When using TikTok — or being online in general — always monitor your account and screen it for any suspicious changes. Also, resist the urge to believe everything you read on the platform. See what other sources say on a topic, too. You should regularly find out about any new security issues linked to TikTok and respond accordingly.  As the situation evolves, you can decide whether to keep using the platform or not.

bg-pamplet-2