(Tom: I received this in an emailed newsletter. No shortage of risks in a digital world. Seems the old saw “knowledge is power” cuts both ways. [Pardon the pun.])<\/p>\n
ByteDance is a China-based tech company. They own several smartphone apps but are best known as the parent company of TikTok.<\/p>\n
Now, I don\u2019t have to tell you about the dangers of TikTok, there has been plenty written and recorded about that.<\/p>\n
Yet, ByteDance and any tech company operating in China have to face new challenges in the way they handle cyber security.<\/p>\n
China has imposed a law that requires tech companies to report software flaws to the government.<\/p>\n
Companies must report the flaw within 48 hours, and it has to be reported before it\u2019s fixed (there is an obvious sinister intent to this law, which I\u2019ll talk about in a moment).<\/p>\n
In the case of ByteDance, the company provided the government with \u201csuper user\u201d credentials, giving the government unlimited access to user data.<\/p>\n
Which means, the Chinese government was able to collect the data of any and all U.S.-based users, estimated at over 150 million U.S. TikTok users.<\/p>\n
There is a lot more to this law than meets the eye. So, here are a few reasons why this law could affect users in the U.S.<\/p>\n
State-sponsored hacking:<\/p>\n
There is (obviously) a reason the government wants the information on the flaw before it\u2019s fixed…<\/p>\n
It allows government hackers to get into the database and extract data. This is especially scary for foreign-made software.<\/p>\n
And as you\u2019ve already seen, it\u2019s not just Chinese citizens that will be compromised.<\/p>\n
The Chinese government could infiltrate the software and its users who could be anywhere in the U.S.<\/p>\n
So, if you use any software that is made in China you should pay close attention if the company is ever hacked.<\/p>\n
If there is a security flaw it\u2019s not just hackers you need to worry about, you have to assume the Chinese government has the data as well.<\/p>\n
Collected vulnerabilities:<\/p>\n
It\u2019s no secret that the Chinese government has massive cyber hacking operations.<\/p>\n
While the Chinese hackers are good at what they do they aren’t perfect.<\/p>\n
But now they\u2019ll have access to the latest security flaws from tech companies around the world.<\/p>\n
By getting information on security issues that tech companies are facing, the hackers are essentially being given blueprints for hacking operations in the future.<\/p>\n
So, if there was a hacking method the Chinese hackers missed or overlooked, they would learn about it from the tech companies being forced to self-report.<\/p>\n
Foreign companies also comply:<\/p>\n
There are plenty of U.S. companies that have offices and operations in China.<\/p>\n
But even though these companies are not based in China they are still required to follow the law \u2013 it’s the cost of doing business there.<\/p>\n
There have been reports that some foreign tech companies have already started complying with the law.<\/p>\n
They\u2019ve had to open their software to the Chinese government and its hackers, these companies have no choice unless they want to leave China.<\/p>\n
Which means, even if a company is based in the U.S, it still may be forced to share security flaws with the Chinese government or be shut out of doing business there.<\/p>\n
This intrusive Chinese law, and forced compliance, requires you to be even more vigilant when it comes to your security online.<\/p>\n
That\u2019s why I continue to use a simple, proven method to keep my personal and private information shielded from prying eyes and hackers.<\/p>\n
Jason Hanson<\/p>\n
Editor, Black Bag Confidential<\/p>\n","protected":false},"excerpt":{"rendered":"
(Tom: I received this in an emailed newsletter. No shortage of risks in a digital world. Seems the old saw “knowledge is power” cuts both ways. [Pardon the pun.]) ByteDance is a China-based tech company. They own several smartphone apps but are best known as the parent company of TikTok. Now, I don\u2019t have to … <\/p>\n