- Why DNSFilter
by Kory Underdown on Mar 17, 2023 12:00:00 AM
TikTok is the latest buzzword—you can’t go a day without hearing something in the news about the app’s users, content produced on TikTok, or the numerous questions of privacy and security. And it’s no secret that TikTok’s popularity has woven the app into everyday life personally, politically, and professionally. However, this may not be such a good thing.
Recent statements from the FBI about TikTok’s threat to national security have furthered concerns about how the app’s parent company, ByteDance, is using the data it collects.
Thirty-two states in the United States have already banned the app on government devices due to these concerns, and now President Biden is calling for a possible nation-wide ban unless ByteDance makes a sale.
You might be wondering: Why is TikTok a security threat?
ByteDance, TikTok’s parent company, is a Chinese internet company. In 2017, China implemented the National Intelligence Law that requires companies to hand over any data that could be relevant to their national security.
While there doesn’t appear to be any evidence that any data has actually been turned over by TikTok, China’s government could potentially gain access to personal user data of the 100 million Americans that use TikTok.
And in December of 2022, security concerns grew after the announcement that ByteDance fired four employees who inappropriately gained access to personal data, including IP addresses, of two journalists.
With security at the core of DNSFilter, we took a deep dive into what is happening on our networks when it comes to TikTok-related activity. The results were somehow both surprising and predictable.
Disclaimer: While our data is aggregated and just a snapshot of the internet, we get a clear picture of online trends since we have over 26 million monthly users.
Notably, after ByteDance’s announcement mentioned above, and the ban of TikTok on government devices, we saw a 1230% increase in total blocked DNS queries relating to TikTok. Total TikTok traffic didn’t increase during this period—this tells us that organizations are following suit and blocking TikTok on their networks.
While blocked TikTok DNS queries started to come back down on March 6, 2023, it’s worth mentioning that the total blocked traffic is still up 314% compared to pre-January levels.
In looking at the domain data, we also noticed a 650% increase in malicious TikTok activity (domains that include “tiktok” in the domain name) during the same period. While we don’t have an identifiable cause for this increase, it serves as a clear example of TikTok’s inherent risks. It also shows us that threat actors are taking advantage of TikTok’s consistent news presence, meaning internet users should be more aware of potential phishing attempts related to TikTok.
Our CEO, Ken Carnesi, has been keeping a close eye on TikTok over the last two years and had this to say regarding recent requests for ByteDance to sell TikTok: “The magnitude of blocked traffic is a clear example of the popular social media app’s inherent national security risks. This includes recent national security concerns outlined by the Biden Administration and their demand for TikTok’s Chinese ownership to sell the app or face a possible ban. While similar risks exist with other platforms and vendors, most don’t collect the same level of personal information from their users. Furthermore, they are also not typically in adversarial nations, particularly one like China, where the State maintains close access to all corporations’ business operations.”
With all of the recent domain activity and news around TikTok’s security risks, the DNSFilter team has been hard at work to add TikTok as the 84th app in our application blocking feature, AppAware.
Many organizations have been ahead of the curve and manually adding TikTok domains to their DNSFilter block policies, as you can see in the data above. Now, rather than managing cumbersome block lists for the many, many domains and subdomains of TikTok, you can block the entire app with one click.
With AppAware, you’ll gain insights into the specific apps your users are accessing–-including TikTok. Full query data is available to you as well, but AppAware’s reporting allows for all TikTok domains to roll up into an “application” view for a more streamlined look into your DNS data.
Try DNSFilter free for 14 days and see for yourself how easy it is to block apps like TikTok with AppAware.
The impending Cisco Umbrella RC End-of-Life has many Umbrella users concerned about their next steps and questioning which protective DNS solution might be able to fill the gap for their organization.
This month there was a high level of focus on compliance issues spanning several focus areas from governments and oversight agencies around the world. And while there were actions taken with regard to specific vulnerabilities, a larger spotlight was placed on bigger picture security considerations in a more general context.
TL;DR: SASE is broadening—it is about more than just access! It is about endpoint protection and user-based access…and it's called Security Service Edge (SSE). All of the aspects of the joint NSA and CISA guidance on Protective DNS (PDNS) and user-level policies are part of the secure category, originally launched by Gartner in January 2022. Regardless, it’s been interesting to see the NSA and CISA create guidance recognizing the breadth of cyber...