June 4, 2024 By Jennifer Gregory 3 min read

President Joe Biden signed a bill on April 24, 2024, giving Byte Dance, the Chinese parent company of TikTok, two options: sell TikTok within nine months or face a ban on the app in the United States.

The bill comes after years of concerns that the app increases cybersecurity risk. In March 2024, the House passed a bill banning TikTok, but it was not passed by the Senate. However, in April, Speaker Mike Johnson included the House TikTok bill into a $95 billion foreign aid supplemental plan.

DoD details TikTok cybersecurity concerns

An April 2024 release from the Department of Defense details the federal government’s reasons for putting a ban into action. John F. Plumb, the Assistant Secretary of Defense for Space Policy and Principal Cyber Advisor to the Secretary of Defense, describes TikTok as a potential threat vector to the United States. Unlike American-based social media platforms, the Chinese government states that they will touch data from the platform at any time. According to Plumb, China has used its cyber capabilities to steal sensitive information, intellectual property and research from U.S. public- and private-sector institutions, including the defense industrial base, for decades.

“Chinese cyber intrusions are the most prolific in the world. In crisis, PRC [China’s] leaders believe that achieving information dominance will enable them to seize and keep the strategic initiative, disrupt our ability to mobilize, to project and sustain the joint force and to ensure the PRC’s desired end state,” Plumb said.

Additionally, the concern has increased due to the large number of people using the application. Every day, 150 million users access the app, which equates to one-third of adults and one-sixth of kids. In addition to entertainment and funny videos, many people use TikTok for news and product endorsements, which means the app has a wide influence on users. Army General Paul M. Nakasone, Commander of U.S. Cyber Command, Director of the National Security Agency and Chief of the Central Security Service, said the wide usage provides a foreign nation with a platform for information operations and surveillance and raises concerns in regards to who controls that data.

Review threat detection & response solutions

What happens next with the bill

The bill faces significant challenges, including legal challenges, anti-trust hurdles and public backlash. According to experts, the ban could take years to go into effect if it does. Additionally, questions remain about the FTC’s ability to be involved in the approval of a sale of the company.

Shou Zi Chew, TikTok’s CEO, stated that the company would begin legal challenges to the bill. In a TikTok post, Chew said, “Make no mistake, this is a ban, a ban on TikTok and a ban on you and your voice… We are confident, and we will keep fighting for your rights in the courts. The facts and the Constitution are on our side, and we expect to prevail.” He went on to tell users to share stories about how TikTok impacts their lives to showcase exactly what they are fighting for.

As the bill is written, it will not be illegal for U.S. citizens to have the TikTok app on their phones or to use the social media platform in the country. However, people will no longer be able to download the app from the United States. According to Time, users will still be able to use the app but will not be able to update the app with new versions, security patches and bug fixes, which means that the app will eventually not be usable or secure. While it may be possible to perform these functions over a Virtual Private Network, there are questions about this workaround.

Although a bill has been signed, it will not take effect for at least nine months from now. United States users can still download the app in the country without issue. However, TikTok users should continue to monitor the progress and news regarding the bill.

More from News

Zero-day exploits underscore rising risks for internet-facing interfaces

3 min read - Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities demand attention from organizations globally.The surge in attacks on internet-facing management interfaces highlights an evolving threat landscape and necessitates rethinking how organizations secure critical assets.Who is exploiting the NGFW zero-day?As of now, little is known about the actors behind the…

Will arresting the National Public Data threat actor make a difference?

3 min read - The arrest of USDoD, the mastermind behind the colossal National Public Data breach, was a victory for law enforcement. It also raises some fundamental questions. Do arrests and takedowns truly deter cyberattacks? Or do they merely mark the end of one criminal’s chapter while others rise to take their place? As authorities continue to crack down on cyber criminals, the arrest of high-profile threat actors like USDoD reveals a deeper, more complex reality about the state of global cyber crime.…

CISA adds Microsoft SharePoint vulnerability to the KEV Catalog

3 min read - In late October, the United States Cybersecurity & Infrastructure Security Agency (CISA) added a new threat to its Known Exploited Vulnerability (KEV) Catalog. Cyber criminals used remote code execution vulnerability in Microsoft SharePoint to gain access to organizations’ networks. The CISA press release states that “these types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.” However, Microsoft identified and released a patch for this vulnerability in July 2024. Cybersecurity experts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today