{"id":226198,"date":"2026-06-04T14:11:00","date_gmt":"2026-06-04T18:11:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/04\/your-ai-agent-could-become-your-biggest-insider-threat\/"},"modified":"2026-06-04T14:15:12","modified_gmt":"2026-06-04T18:15:12","slug":"your-ai-agent-could-become-your-biggest-insider-threat","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/04\/your-ai-agent-could-become-your-biggest-insider-threat\/","title":{"rendered":"Your AI agent could become your biggest insider threat\u00a0"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/ai-agent-insider-threat-cybersecurity-dtex\/\">Your AI agent could become your biggest insider threat\u00a0<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/ai-agent-insider-threat-cybersecurity-dtex\/\">https:\/\/cyberscoop.com\/ai-agent-insider-threat-cybersecurity-dtex\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-04 14:11:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>Government agencies, cybersecurity companies and threat researchers are pouring resources into studying how fast-developing AI tools can be wielded by malicious actors to hack into victim organizations.<\/p>\n<p>But as agentic AI becomes more embedded in business infrastructure, there\u2019s also a high possibility that a breach could be caused by an insider guiding the tool, whether maliciously or due to lack of security controls.<\/p>\n<p>In research shared exclusively with CyberScoop, DTEX researchers detail how a common workflow in Anthropic\u2019s Claude Cowork used in corporate environments offers convenience for AI agent deployment but grants near-total access to the system.<\/p>\n<p>Claude Cowork includes tools that let users remotely control their agents.\u00a0One particular tool, known as Dispatch, relays commands from a user\u2019s phone to their desktop Claude agent. It also includes a plugin for communicating with Salesforce AI agents that access and transfer data.<\/p>\n<p>DTEX researchers tested two scenarios. The first prompted Claude to summarize information from Salesforce and paste it into a draft Outlook email. The second tasked the agent with archiving selected files and transferring them via the Cowork app.<\/p>\n<p>In both cases, researchers used simple, single-turn prompts and spent between 10-30 minutes preparing to exfil\u00a0 the data.<\/p>\n<p>Alex Desmond, director of insider threat intelligence and innovation at DTEX, told CyberScoop that both improvements in frontier models and deeper integration of AI tools into IT network operations have reduced the time defenders have to react to a breach.<\/p>\n<p>\u201cIn cyberattacks, you talk about the kind of execution time of adversaries coming in and dropping ransomware, we\u2019re now seeing the kill chain drop to 30 and 10 minutes depending on what they\u2019re doing,\u201d Desmond said. \u201cSix months ago, that was a couple of hours.\u201d<\/p>\n<p>But that speed, when paired with direct access to business networks or cloud services, can also create an insider threat nightmare for organizations that must monitor for both malicious actors and potential mistakes from legitimate employees using the technology.<\/p>\n<p>Over the past few years, western IT and cybersecurity businesses have been inundated with job applicants secretly working on behalf of the North Korean government. Their salaries are used to evade international sanctions and fund Pyongyang\u2019s nuclear program, but it also positions the individuals to access or steal sensitive data or assets from these companies.\u00a0<\/p>\n<p>\u201cYou\u2019ve got a nation-state actor getting into an environment legitimately,\u201d Desmond said. \u201cNow if you gave them access to AI tools on top of that\u2026you\u2019re like \u2018here\u2019s the keys to everything and here\u2019s this awesome tool that\u2019s just going to make your job \u2013 stealing our data \u2013 easier.\u2019\u201d<\/p>\n<p>Tests by DTEX confirmed that the agents indeed had access to sensitive systems, applications and data \u2013 including the ability to download SharePoint corporate data, production documentation in OneDrive, access to Outlook email, Salesforce data (and all the data it can access), and any other files on the user\u2019s endpoint device. For each of these applications, Claude Cowork has a dedicated plugin or API to share externally if prompted. \u00a0To be clear, DTEX\u2019s research does not involve exploiting a software bug or configuration vulnerability, and it doesn\u2019t come with a CVE. It\u2019s more of an IT governance and visibility problem. Businesses are racing to integrate AI tools into their workflow and pushing employees to use the technology while failing to put in place the kind of security controls, access policies and monitoring required to spot problems.<\/p>\n<p>For instance, it may not be possible to determine how a data breach or leakage involving an AI agent actually occurred if an organization is not logging and auditing its prompts \u2013 or whether the incident was the result of an agent running amok or responding to potentially malicious instructions.<\/p>\n<p>While network and cloud monitoring can identify when data is being accessed or downloaded from SharePoint, that may not be a strong enough signal to stand out for defenders.<\/p>\n<p>\u201cIf a user\u2019s normal workflow is to pull sensitive files down to work locally all the time, you don\u2019t have endpoint monitoring and you introduce an AI agent, it then just has access to all that data\u201d along with the ability to exfiltrate it,\u201d Desmond said.<\/p>\n<p>\t\t\tWritten by Derek B. Johnson<br \/>\n\t\t\tDerek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia.\t\t<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Your AI agent could become your biggest insider threat\u00a0 https:\/\/cyberscoop.com\/ai-agent-insider-threat-cybersecurity-dtex\/ Publish Date: 2026-06-04 14:11:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":226200,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/06\/AI-people.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,30,24,27],"class_list":["post-226198","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-breach","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/226198"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=226198"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/226198\/revisions"}],"predecessor-version":[{"id":226202,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/226198\/revisions\/226202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/226200"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=226198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=226198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=226198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}