TikTok has announced it is launching a new cybersecurity centre in Ireland, the first of a number of planned ‘Fusion Centres’ designed to respond in real-time to cyberthreats.
The “monitoring, response and investigative” centres will track and react to critical incidents as they unfold, Roland Cloutier, TikTok’s Global Chief Security Officer said in a blog post published on Tuesday (27 July), adding that the company is will bring experts on board to identify risks and future vulnerabilities.
Cybersecurity is an increasing focus for platforms, particularly in the realm of data protection, as large-scale and targeted attacks continue to expose weaknesses. Growing cyberthreats have led to a wide array of approaches by large tech companies when it comes to increasing protections and detecting areas in which they could be vulnerable in the future.
The launch comes in the midst of a global wave of cyberattacks targeting companies of every kind. In July 2020, Twitter was hit by a major cyberattack, which saw 130 accounts, many of them high-profile, taken over and used to solicit bitcoin payments totalling more than $120,000.
The new Dublin centre will expand on TikTok’s existing global security function, currently based in Washington DC.
The centre will “advance our on-platform threat discovery to protect our community; accelerate the delivery of next-generation cyber-threat monitoring, and assemble cyber investigations and working groups to tackle digital crime,” Cloutier added in the post.
The functions that the recruited experts will work on are set to include the development of detection and response mechanisms for incident handling, forensic support and analytical improvements to investigation and reporting.
“It’s crucial the global tech companies play a central role in ensuring the safety of their users,” said Irish Deputy Prime Minister Leo Varadkar.
“This new centre will detect and respond to critical incidents as they happen, and will help improve online safety of TikTok users worldwide,” he added.
Recent months have seen a number of cyberattacks on a global scale. In July a ransomware attack believed to be the largest ever hit hundreds of companies around the world with monetary demands. On 19 July, the US, the EU and NATO accused China of hacking Microsoft’s email servers, an allegation that Beijing denies.
TikTok is not alone in expanding its cybersecurity capacity. After a string of recent data breaches, the GAFAM (Google, Apple, Facebook, Amazon and Microsoft) tech giants have all taken steps to bolster their own cybersecurity and data protection mechanisms.
A spokesperson for Twitter, for example, told EURACTIV that the platform is “always investing in increased security protocols, techniques and mechanisms – it’s how we work to stay ahead of threats as they evolve.”
The GAFAM companies have also recently acquired a number of cybersecurity firms as a way of strengthening their own defences and foresight.
Many of them also utilise “bug bounty” programmes, whereby hackers can receive payouts for discovering and alerting platforms to weaknesses in their infrastructures, allowing companies to address them before they are exploited by malicious actors.
TikTok cites its partnership with HackerOne, a major bug bounty organisation with which Facebook, Twitter and others also work, as another way in which it is strengthening its security. Microsoft, it was recently revealed, paid more than $13.6 million between July 2020 and June 2021 for alerts to more than 1,200 bugs.
Social media companies have also taken steps to increase protections for younger users. Instagram announced new measures on Tuesday to make the accounts of users under the age of 16 private by default. The updates will also prevent them from being contacted by adult accounts deemed to be potentially suspicious, a designation based on, for instance, having been blocked by multiple other teenage users.
[Edited by Josie Le Blond/Luca Bertuzzi]