It follows a root-and-branch “war game” exercise by US Cyber firm Safe House Global, which included former CIA and Department of Homeland Security leaders as well as cyber academics.
The popular video-sharing app, owned by Chinese firm Bytedance, boasts 800 million regular users worldwide and gained popularity during the pandemic. According to YouGov, 27 percent of 18-to-24-year-olds in the UK used it regularly last year.
While claims that TikTok currently tracks its users in illegal ways have been disproved, its China links continue to provide deep security fears among Western intelligence agencies.
This is due to key edicts announced by Chinese premier Xi Jinping – including the Civil Fusion strategy and the National Intelligence Law – which take away the right of Chinese-owned firms to ignore the will of their political masters.
Critics point to Chinese billionaire Jack Ma, founder of Alibaba, who “disappeared” for three months after openly criticizing Chinese government policies.
“The ability to micro-target professions or people of interest is a critical component of any threat management programme. There’s already high-level concern about this technology on young military service members, who are all over TikTok,’ said SHG ceo Jeff Carr,
This presents a strategic challenge when it comes to military deployments, “Most soldiers self identify on TikTok – there’s literally a hashtag called ‘military TikTok’.
“People in your unit are going to be on it and showing pictures that include you, It becomes a very rich source of intelligence.”
The three-hour exercise focussed on the premise of the Ministry of State Security – Chinese intelligence – deciding to track US service personnel.
“They could gain advanced information on orders to move to the South China Sea,’‘ he said.
“This is information which soldiers give away, even without meaning to, and it’s their families too. Wives and children, connected in social media streams, may not be as careful. “
While TikTok’s ability to data harvest is considerable, it also combines this with other data sources.
“Your profile is even more extensive than what you post on TikTok itself”, he said,
“The advent of supercomputing means we are able to access one specific data point in a billion, allowing app owners to find the exact right person.”
This vast amount of personal data TikTok harvests could also be used to coerce key individuals.
“It could help Chinese intelligence services recruit individuals who might be open to extortion or financial gain,” he said,
“We see it regularly here in the US – someone struggling with money problems offers to sell information to a foreign government and is caught.”
Or it could be used to target someone with disinformation which urges them to question their loyalties.
Scenarios in the war game to block the threat had mixed results. Creating a secondary app which checks that everything a soldier places on TikTok is safe would most likely be ignored, because users enjoy the app’s easy-to-use interface.
And mounting a counter-strike by deliberately flooding TikTok with false information would have limited affect and risk “enflaming tensions” at a delicate time.
“There is no silver bullet,” he added.
Last year its UK chief Richard Waterworth pledged: “No data is shared or given to the Chinese government, and we wouldn’t give it to them if asked.”