Scroll to read more

While talk of a possible U.S.  ban of TikTok has been tempered of late, concerns still linger around the app, and the way that it could theoretically be used by the Chinese Government to implement varying forms of data tracking and messaging manipulation in Western regions.

The latter was highlighted again this week, when Meta released its latest “Adversarial Threat Report”, which includes an overview of Meta’s latest detections, as well as a broader summary of its efforts throughout the year.

And while the data shows that Russia and Iran remain the most common source regions for coordinated manipulation programs, China is third on that list, with Meta shutting down almost 5,000 Facebook profiles linked to a Chinese-based manipulation program in Q3 alone.

As explained by Meta:

“We removed 4,789 Facebook accounts for violating our policy against coordinated inauthentic behavior. This network originated in China and targeted the United States. The individuals behind this activity used basic fake accounts with profile pictures and names copied from elsewhere on the internet to post and befriend people from around the world. They posed as Americans to post the same content across different platforms. Some of these accounts used the same name and profile picture on Facebook and X (formerly Twitter). We removed this network before it was able to gain engagement from authentic communities on our apps.”

Meta says that this group aimed to sway discussion around both U.S. and China policy by both sharing news stories, and engaging with posts related to specific issues.

“They also posted links to news articles from mainstream US media and reshared Facebook posts by real people, likely in an attempt to appear more authentic. Some of the reshared content was political, while other covered topics like gaming, history, fashion models, and pets. Unusually, in mid-2023 a small portion of this network’s accounts changed names and profile pictures from posing as Americans to posing as being based in India when they suddenly began liking and commenting on posts by another China-origin network focused on India and Tibet.”

Meta further notes that it took down more Coordinated Inauthentic Behavior (CIB) groups from China than any other region in 2023, reflecting the rising trend of Chinese operators looking to infiltrate Western networks.  

“The latest operations typically posted content related to China’s interests in different regions worldwide. For example, many of them praised China, some of them defended its record on human rights in Tibet and Xinjiang, others attacked critics of the Chinese government around the world, and posted about China’s strategic rivalry with the U.S. in Africa and Central Asia.”

Google, too, has repeatedly removed large clusters of YouTube accounts of Chinese origin that had been seeking to build audiences in the app, in order to then seed pro-China sentiment.

The largest coordinated group identified by Google is an operation known as “Dragonbridge” which has long been the biggest originator of manipulative efforts across its apps.

Dragonbridge

As you can see in this chart, Google removed more than 50,000 instances of Dragonbridge activity across YouTube, Blogger, and AdSense in 2022 alone, underlining the persistent efforts of Chinese groups to sway Western audiences.

So these groups, whether they’re associated with the CCP or not, are already looking to infiltrate Western-based networks. Which underlines the potential threat of TikTok in the same respect, given that it’s controlled by a Chinese owner, and therefore likely more directly accessible to these operators.

That’s partly why TikTok is already banned on government-owned devices in most regions, and why cybersecurity experts continue to sound the alarm about the app, because if the above figures reflect the level of activity that non-Chinese platforms are already seeing, you can only imagine that, as TikTok’s influence grows, it too will be high on the list of distribution for the same material.

And we don’t have the same level of transparency into TikTok’s enforcement efforts, nor do we have a clear understanding of parent company ByteDance’s links to the CCP.

Which is why the threat of a possible TikTok ban remains, and will linger for some time yet, and could still spill over if there’s a shift in U.S./China relations.

One other point of note from Meta’s Adversarial Threat Report is its summary of AI usage for such activity, and how it’s changing over time.

X owner Elon Musk has repeatedly pointed to the rise of generative AI as a key vector for increased bot activity, because spammers will be able to create more complex, harder to detect bot accounts through such tools. That’s why X is pushing towards payment models as a means to counter bot profile mass production.

And while Meta does agree that AI tools will enable threat actors to create larger volumes of convincing content, it also says that it hasn’t seen evidence “that it will upend our industry’s efforts to counter covert influence operations” at this stage.

Meta also makes this interesting point:

“For sophisticated threat actors, content generation hasn’t been a primary challenge. They rather struggle with building and engaging authentic audiences they seek to influence. This is why we have focused on identifying adversarial behaviors and tactics used to drive engagement among real people. Disrupting these behaviors early helps to ensure that misleading AI content does not play a role in covert influence operations. Generative AI is also unlikely to change this dynamic.”

So it’s not just content that they need, but interesting, engaging material, and because generative AI is based on everything that’s come before, it’s not necessarily built to establish new trends, which would then help these bot accounts build an audience.

These are some interesting notes on the current threat landscape, and how coordinated groups are still looking to use digital platforms to spread their messaging. Which will likely never stop, but it is worth noting where these groups originate from, and what that means for related discussion.

You can read Meta’s Q3 “Adversarial Threat Report” here.