Concern over TikTok not just about data, but also its algorithm and pushing of certain messaging: US cyber command chief

SINGAPORE: Cyber warfare methods are increasingly sophisticated, and it takes immense preparation and the sharing of information to fend off attacks, the head of the United States cyber command said on Friday (Mar 24).

Speaking to CNA on the sidelines of the Singapore Defence Technology Summit 2023, General Paul Nakasone, commander of the US Cyber Command and director of the National Security Agency (NSA), added that the US is concerned with dual-use technology, such as artificial intelligence (AI), being used to impede free speech.

He said that apart from the data collected, social media apps like TikTok are a concern, as their unique algorithms could be used to push certain messaging.

The three-day event brought together representatives from government, industry and academia to discuss developments in defence and security capabilities.

DIGITAL AND DUAL-USE TECH

General Nakasone said that dual-use technology, such as AI and machine learning, provides both a great opportunity and challenge, and countries should be able to recognise it, adapt quickly to it and employ it in various ways.

Citing influence operations, he said that AI could be used to push a certain narrative, or to influence a particular leaning on a policy or an election.

General Nakasone said cyber threats came to the fore in 2018, when the US Cyber Command and NSA came together to deal with the threat posed by a small Russian group.

“We saw a series of actors operating outside the US trying to influence us with bots and other messages,” he said.

A strategy of quickly identifying the threat, sharing information between agencies, then finally taking action to counter it, has helped the US overcome attacks in 2018, 2020 and 2022 – the years in which America held key elections.

CYBER WARFARE

He said the US wants the Indo-Pacific to be a “free, open and prosperous region”, and is concerned with dual-use technology being used to impede free speech or prevent like-minded nations from building partnerships.

When it comes to social media apps like TikTok, General Nakasome said his agency is concerned not just about the data collected and who controls it, but also the algorithm employed, as it could decide what messaging is disseminated.

“And the final piece is we're concerned about the ability for a foreign nation to have rapid access to millions of phones that are utilising this social application,” he noted.

When asked about the threat posed by China on cybersecurity issues, General Nakasome did not go into specifics. 

He said the US takes all its adversaries seriously with vigilance, and noted that the level of sophistication involved in cyber warfare is one of the takeaways from the ongoing Russia-Ukraine war.

“First of all, these are very difficult operations to actually plan for and most importantly conduct,” he said.

He also acknowledged the “impactful” level of cybersecurity that Ukraine has built up over the past four years.

“Preparation matters. The preparation that Ukraine did in terms of being able to raise the level of cybersecurity, is incredibly important,” he said.

He stressed the importance of partnerships and collaboration not just within the government, but also with foreign partners and private sector players.

“The learning experience really begins with the sharing of intelligence, and being able to share that intel with close partners. That's something we do every single day,” said General Nakasone.

COUNTERING CYBER ESPIONAGE

He said the US is concerned about a range of ways in which cyberattacks can happen, including enemies using ransomware to affect a country’s economy and its citizens’ daily lives.

Another concern is of enemies breaching and gaining control of critical infrastructure, along with the conduct of influence operations that could alter the outcome of elections.

On how the US counters cyber espionage efforts from other countries, General Nakasone said it employs a strategy called “Defend Forward”.

“We have conducted hunt-forward operations at the request of foreign governments to bring in eight to 10 personnel, to actually work with that partner to hunt on their networks, find adversaries' malware, find their tradecraft and then expose it,” he said.

“This has been done in 22 countries on 70 different networks over the past several years.”

Section 702 of the Foreign Intelligence Surveillance Act, or FISA, which lets the US government conduct targeted surveillance of foreign individuals located outside the US, will expire at the end of this year, unless it is reauthorised by Congress.

General Nakasone said the section lists a “very set and defined series of responsibilities”, and is governed by the US constitution and laws.

It is a multi-level operation involving “a series of different overseers”, and is based on the trust and confidence of the American people, he said.

“My message is that we have a culture of compliance (and) being able to follow the rules at the National Security Agency. This is impactful. This is one of the things that I think really warrants the reauthorisation of this act,” he said.