Risk Assessment

I. AUDIT

DESCRIBE THE PURPOSE OF THIS RISK ASSESSMENT


TikTok is a popular social media app that allows users to watch, create and share 15-second videos shot on cellphones. It's not just teens; people who are bored during the quarantine days are all taking part in TikTok dance challenges. A risk assessment of TikTok is very useful because it will test whether this social media platform is risky or not. It can also help people who are using TikTok, or planning to use it, to know whether they need to delete it and never ever download it, to protect everyone's security.

DESCRIBE THE SCOPE OF THE RISK ASSESSMENT


Senators want an investigation into TikTok security. The scope includes knowing the risks that TikTok might have, digital or human, and identifying the possible controls if we discover a risk in TikTok.

LIST ALL PARTICIPANTS INCLUDING ROLE IN THE RISK ASSESSMENT (e.g. system owner, system custodian etc.)
TikTok developer – they are the ones who create the challenges in TikTok and are also its creators. They connect the creators and communities. They are the possible suspect if a risk is discovered in TikTok.
TikTok user – they are the ones who use it, who show and share their passion and creative expression through their videos. They are the possible victim if a risk is discovered in TikTok.

DESCRIBE KEY TECHNOLOGY COMPONENTS INCLUDING COMMERCIAL SOFTWARE


Internet connection – needed for the user to use the app and upload videos.
TikTok app – to have an account, first download the app.
Software of TikTok

DESCRIBE HOW USERS ACCESS THE SYSTEM AND THEIR INTENDED USE OF THE SYSTEM
Users can access and edit most of their profile information by signing into TikTok. So you must have an account: first create your TikTok account, and you can then access the TikTok world. You can then follow other users and watch their videos too. Users tend to use TikTok for entertainment, for when boredom strikes.

II. RISK ASSESSMENT
WHAT ARE THE IDENTIFIED THREAT SOURCE AND VULNERABILITY?
Based on my research, TikTok is vulnerable to XSS attacks, a type of attack in which malicious scripts are injected into otherwise benign and trusted websites. It is also subject to cybersecurity threats and is also a threat to national security.
Severe SMS security threat: it could trick any user on the TikTok network. Bad actors can use social media to distribute malicious activity; because the usage is so high, it is an easy gate to penetrate an asset.
By manipulating an option for a user to SMS themselves a link to the app, an attacker could send a different link to a different user.

THREAT SOURCE/VULNERABILITY (Put check inside the box.)

Hardware Fault / Software Fault / Human Error / Intentional Outside Error / Intentional Insider Others:

EXISTING CONTROLS
The Department of Defense advised military personnel to remove the Chinese-owned social media application from government-issued and personal
smartphones to avoid the cybersecurity threats.

RISK RATING

A. Consequence

/ High Medium Low

B. Likelihood

/ Very Likely Likely Unlikely Highly Unlikely

C. Risk Rating

/ High Medium Low

RECOMMENDED CONTROLS

Recommended controls or alternative options for reducing risk
Secure your account and never upload a video that shows or reveals your body; it might be used against you. And if it is okay, don't use the invisible challenge and reveal your body, because the developer can see you, and that causes big trouble if they spread it to the public.

RECOMMENDATIONS
Use other filters that are safe. Do not make a video that almost shows your body to gain popularity; it might bring shame on you.

SUMMARY

How was the risk assessment done?


A security flaw in the TikTok app was found. It is said that hackers use text messages to control accounts and manipulate their content, upload and delete videos, and reveal personal information to the public. Using this risk assessment, the recommended controls can help existing controls to prevent the risk/hazard.

| What are the hazards/risk? | Who might be harmed and how? | What are you already doing? | What further action is necessary? | Action by whom? | Action by When? | Done [mm/dd/yyyy |
|---|---|---|---|---|---|---|
| Cybersecurity threats | The users and its gadgets | Limit the use of TikTok or delete the TikTok app | Know what is safe and use it. Don't be | By the user | When using TikTok app | 4/8/2020 |
| National security | Users and gadgets | Limit the information that you give on TikTok. | Delete the filter that is unsafe. | By the user | When using TikTok app | 4/8/2020 |
