The corporate world’s adoption of the gig economy – where businesses build up human resources for short-term activities – could lead to the rise of a new attack vector for cybercriminals, according to Threatpost
“They’re coming in and they’re going out, and they’re doing specialty kinds of activities – so they’re different than contract workers. They’re most often going to be using their own laptops and their own collaboration
tools, and they’re going to take your data, and perhaps put it in their storage,” said James Christiansen, vice president of information risk management at Netskope.
For instance, a gig worker tasked to perform coding tasks for various firms could easily outsource his work to another organization, opening affected companies up to theft of proprietary code or to organizations injecting malicious backdoors into their code. Companies could also lose their competitive advantage if a gig worker suddenly shares the code they are working on into an open-source repository, Christiansen explained.
“If you spent maybe $100,000 in developing a new routine, and someone uploads it to GitHub, it may be used as an open-source tool the very next day,” Christiansen said.