The corporate world’s adoption of the gig economy – where businesses build up human resources for short-term activities – could lead to the rise of a new attack vector for cybercriminals, according to Threatpost.
“They’re coming in and they’re going out, and they’re doing specialty kinds of activities – so they’re different than contract workers. They’re most often going to be using their own laptops and their own collaboration tools, and they’re going to take your data, and perhaps put it in their storage,” said James Christiansen, vice president of information risk management at Netskope.
For instance, a gig worker tasked to perform coding tasks for various firms could easily outsource his work to another organization, opening affected companies up to theft of proprietary code or to organizations injecting malicious backdoors into their code. Companies could also lose their competitive advantage if a gig worker suddenly shares the code they are working on into an open-source repository, Christiansen explained.
“If you spent maybe $100,000 in developing a new routine, and someone uploads it to GitHub, it may be used as an open-source tool the very next day,” Christiansen said.
Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.
Google Cloud recently introduced Community Security Analytics (CSA), a set of open-sourced queries and rules for self-service security analytics geared toward helping security teams detect common cloud-based threats.