AI tools pose insider threat risks as integration accelerates

The rapid integration of artificial intelligence tools into business infrastructure presents new avenues for data breaches, not just from external attackers but also from insiders, according to a recent report by CyberScoop.

Researchers from DTEX have detailed how common workflows using AI agents, such as Anthropic's Claude Cowork, can grant extensive access to sensitive corporate data. Tools like Dispatch within Claude Cowork allow remote control of AI agents and can interact with other services like Salesforce, enabling data transfer. DTEX researchers demonstrated that simple prompts could be used to exfiltrate data, with preparation times as short as 10 to 30 minutes. This accelerated timeline, combined with deep integration into IT networks, significantly reduces the window for defenders to detect and respond to threats.

The research highlights that these risks are not solely due to software vulnerabilities but stem from inadequate IT governance, access policies, and monitoring. The potential for insider threats is amplified when legitimate employees, or even state-sponsored actors operating under false pretenses, gain access to powerful AI tools that can streamline data theft. Without proper logging and auditing of AI prompts and agent activities, organizations may struggle to identify the source and nature of data breaches.

Source: CyberScoop