ПАТЕЛЬНЯ

New data is suggesting at least some U.S. adversaries are taking advantage of the hugely popular TikTok video-sharing app for influence operations.

A report Thursday by the Alliance for Securing Democracy (ASD) finds Russia “has been using the app to push its own narrative” in its effort to undermine Western support for Ukraine.

“Based on our analysis, some users are engaging more with Russian state media than other, more reputable independent news outlets on the platform,” according to the report by the U.S.-based election security advocate that tracks official state actors and state-backed media.

“More TikTok users follow RT than The New York Times,” it said.

The ASD report found that as of March 22, there were 78 Russian-funded news outlets on TikTok with a total of more than 14 million followers.

It also found that despite a commitment from TikTok to label the accounts as belonging to state-controlled media, 31 of the accounts were not labeled.

Yet even labeling the accounts seemed to have little impact on their ability to gain an audience.

“By some measures, including the performance of top posts, labeled Russian state media accounts are reaching larger audiences on TikTok than other platforms,” the report said. “RIA Novosti’s top TikTok post so far in 2023 has more than 5.6 million views. On Twitter, its top post has fewer than 20,000 views.”

The report on Russian state media’s use of TikTok comes as U.S. officials are again voicing concern about the potential for TikTok to be used for disinformation campaigns and foreign influence operations.

“Just a tremendous number of people in the United States use TikTok,” John Plumb, the principal cyber adviser to the U.S. secretary of defense, told members of a House Armed Services subcommittee, warning of “the control China may have to direct information through it” and use it as a “misinformation platform.”

“This provides a foreign nation a platform for information operations,” U.S. Cyber Command’s General Paul Nakasone added, noting that TikTok has 150 million users in the United States.

“One-third of the adult population receives their news from this app,” he said. “One-sixth of our children are saying they’re constantly on this app.”

TikTok, owned by China-based ByteDance, has sought to push back against the concerns.

“Let me state this unequivocally: ByteDance is not an agent of China or any other country,” TikTok CEO Shou Zi Chew told U.S. lawmakers during a hearing last week.

“We do not promote or remove content at the request of the Chinese government,” he said, trying to downplay fears about the company’s data collection practices and Chinese laws that would require the company to share that information with the Chinese government if asked.U.S. lawmakers, intelligence and security officials, however, have their doubts.

The top Republican on the Senate Intelligence Committee, Marco Rubio, earlier this month warned that TikTok is “probably one of the most valuable surveillance tools on the planet.”

A day later, Cyber Command’s Nakasone told members of the House Intelligence Committee that TikTok is like a “loaded gun,” while FBI Director Christopher Wray warned that TikTok’s recommendation algorithm “could be used to conduct influence operations.”

“That’s not something that would be easily detected,” he added.

 
…

A Chinese hacking group that is likely state-sponsored and has been linked previously to attacks on U.S. state government computers is highly active and focusing on a broad range of targets that may be of strategic interest to China’s government and security services, a private American cybersecurity firm said in a report Thursday.

The hacking group, which the report called RedGolf, shares such close overlap with groups tracked by other security companies under the names APT41 and BARIUM that it is thought they are either the same or very closely affiliated, said Jon Condra, director of strategic and persistent threats for Insikt Group, the threat research division of Massachusetts-based cybersecurity company Recorded Future.

Following up on previous reports of APT41 and BARIUM activities and monitoring the targets that were attacked, Insikt Group said it had identified a cluster of domains and infrastructure “highly likely used across multiple campaigns by RedGolf” over the past two years.

“We believe this activity is likely being conducted for intelligence purposes rather than financial gain due to the overlaps with previously reported cyberespionage campaigns,” Condra said in an emailed response to questions from The Associated Press.

China’s Foreign Ministry denied the accusations, saying, “This company has produced false information on so-called ‘Chinese hacker attacks’ more than once in the past. Their relevant actions are groundless accusations, far-fetched and lack professionalism.”

Chinese authorities have consistently denied any form of state-sponsored hacking, instead saying China itself is a major target of cyberattacks.

APT41 was implicated in a 2020 U.S. Justice Department indictment that accused Chinese hackers of targeting more than 100 companies and institutions in the U.S. and abroad, including social media and video game companies, universities and telecommunications providers.

In its analysis, Insikt Group said it found evidence that RedGolf “remains highly active” in a wide range of countries and industries, “targeting aviation, automotive, education, government, media, information technology and religious organizations.”

Insikt Group did not identify specific victims of RedGolf, but said it was able to track scanning and exploitation attempts targeting different sectors with a version of the KEYPLUG backdoor malware also used by APT41.

Insikt said it had identified several other malicious tools used by RedGolf in addition to KEYPLUG, “all of which are commonly used by many Chinese state-sponsored threat groups.”

In 2022, the cybersecurity firm Mandiant reported that APT41 was responsible for breaches of the networks of at least six U.S. state governments, also using KEYPLUG.

In that case, APT41 exploited a previously unknown vulnerability in an off-the-shelf commercial web application used by 18 states for animal health management, according to Mandiant, which is now owned by Google. It did not identify which states’ systems were compromised.

Mandiant called APT41 “a prolific cyber threat group that carries out Chinese state-sponsored espionage activity in addition to financially motivated activity potentially outside of state control.”

Cyber intelligence companies use different tracking methodologies and often name the threats they identify differently, but Condra said APT41, BARIUM and RedGolf “likely refer to the same set of threat actor or group(s)” due to similarities in their online infrastructure, tactics, techniques and procedures.

“RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally,” he said.

“The group has shown the ability to rapidly weaponize newly reported vulnerabilities and has a history of developing and using a large range of custom malware families.”
…

U.S. Secretary of State Antony Blinken on Thursday urged democracies around the world to work together to ensure technology is used to promote democratic values and fight efforts by authoritarian regimes to use it to repress, control and divide citizens.

Blinken made the comments as he led a discussion on “Advancing Democracy and Internet Freedom in a Digital Age.” The session was part of U.S. President Joe Biden’s Summit for Democracy, a largely virtual gathering of leaders taking place this week from the State Department in Washington.

Blinken said the world is at the point where technology is “reorganizing the life of the world” and noted many countries are using these technologies to advance democratic principles and make life better for their citizens.

He pointed to the Maldives, where court hearings are being held online; Malaysia, where the internet was used to register 3 million new voters last year; and Estonia, where government services are delivered faster and more simply. 

At the same time, Blinken said the internet is being used more and more to spread disinformation and foment dissent. He said the U.S. and its democratic partners must establish rules and norms to promote an open, free and safe internet.

The secretary of state identified four priorities to help meet this goal, including using technology to improve people’s lives in tangible ways, establishing rights-respecting rules for emerging technologies, investing in innovation, and countering the effects of authoritarian governments’ use of digital tools to abuse citizens and weaken democracies.

Since the summit began earlier the week, the White House has emphasized the desire of the U.S. to make “technology work for and not against democracy.”

On Wednesday, the prime ministers of eight European countries signed an open letter to the chief executives of major social media companies calling for them to be more aggressive in blocking the spread of false information on their platforms. The leaders of Ukraine, Moldova, Poland, the Czech Republic, Estonia, Latvia, Lithuania and Slovakia signed the letter.

The statement told the companies their tech platforms “have become virtual battlegrounds, and hostile foreign powers are using them to spread false narratives that contradict reporting from fact-based news outlets.” 

It went on to say advertisements and artificial amplification on Meta’s platforms, which include Facebook, are often used to call for social unrest, bring violence to the streets and destabilize governments.

About 120 global leaders are participating in the summit. It is seen as Biden’s attempt to bolster the standing of democracies as autocratic governments advance their own agendas, such as Russia’s 13-month invasion of Ukraine, and China’s alliance with Moscow.

In a statement as the summit opened Tuesday, the White House said, “President Biden has called the struggle to bolster democratic governance at home and abroad the defining challenge of our time.” 

The statement went on to say, “Democracy — transparent and accountable government of, for, and by the people — remains the best way to realize lasting peace, prosperity, and human dignity.” 
…

An open letter signed by Elon Musk, Apple co-founder Steve Wozniak and other prominent high-tech experts and industry leaders is calling on the artificial intelligence industry to take a six-month pause for the development of safety protocols regarding the technology.

The letter — which as of early Thursday had been signed by nearly 1,400 people — was drafted by the Future of Life Institute, a nonprofit group dedicated to “steering transformative technologies away from extreme, large-scale risks and towards benefiting life.”

In the letter, the group notes the rapidly developing capabilities of AI technology and how it has surpassed human performance in many areas. The group uses the example of how AI used to create new drug treatments could easily be used to create deadly pathogens.

Perhaps most significantly, the letter points to the recent introduction of GPT-4, a program developed by San Francisco-based company OpenAI, as a standard for concern.

GPT stands for Generative Pre-trained Transformer, a type of language model that uses deep learning to generate human-like conversational text.

The company has said GPT-4, its latest version, is more accurate and human-like and has the ability to analyze and respond to images. The firm says the program has passed a simulated bar exam, the test that allows someone to become a licensed attorney.

In its letter, the group maintains that such powerful AI systems should be developed “only once we are confident that their effects will be positive and their risks will be manageable.”

Noting the potential a program such as GPT-4 could have to create disinformation and propaganda, the letter calls on “all AI labs to immediately pause for at least 6 months the training of AI systems more powerful than GPT-4.”

The letter says AI labs and independent experts should use the pause “to jointly develop and implement a set of shared safety protocols for advanced AI design and development that will ensure they are safe beyond a reasonable doubt.”

Meanwhile, another group has taken its concerns about the negative potential for GPT-4 a step further.

The nonprofit Center for AI and Digital Policy filed a complaint with the U.S. Federal Trade Commission on Thursday calling on the agency to suspend further deployment of the system and launch an investigation.

In its complaint, the group said the technical description of the GPT-4 system provided by its own makers describes almost a dozen major risks posed by its use, including “disinformation and influence operations, proliferation of conventional and unconventional weapons,” and “cybersecurity.”

Some information for this report was provided by The Associated Press and Reuters.
…