DTEX researchers found that Anthropic’s Claude Cowork can be used to quickly access and move sensitive corporate data through tools like Dispatch, Salesforce plugins, Outlook, OneDrive, and SharePoint. The research highlights how agentic AI can create insider-threat risks when organizations lack logging, monitoring, and access controls, especially as North Korean-linked applicants and other legitimate users may abuse these tools. #Anthropic #ClaudeCowork #DTEX #Salesforce #Outlook #OneDrive #SharePoint #NorthKorea
Keypoints
- DTEX studied how Claude Cowork can expose sensitive business data.
- The Dispatch tool can relay commands from a phone to a desktop agent.
- Simple prompts enabled data exfiltration in 10 to 30 minutes.
- Claude Cowork could access SharePoint, OneDrive, Outlook, and Salesforce data.
- Poor logging and access controls make AI-driven insider threats harder to detect.
Read More: https://cyberscoop.com/ai-agent-insider-threat-cybersecurity-dtex/