“Security breaches can come from those you least
suspect”
“In the business world you will often hear the statement “We
don’t hire hackers.” When pressed for a reason, the speaker usually
reveals a fear that a “hacker” will install a back door in the
system. Time and time again, however, I have seen back doors
installed by employees or security professionals whose integrity is
never questioned. When confronted, they usually say it’s no big
deal. After all, they have the root password. They just wanted to
set up a root account with a different environment. That’s not
hacking, right? Wrong. Their intention did not matter — the
security of the system has been bypassed.”
“This article discusses how administrative privileges can be
abused and suggests some methods for countering that abuse. It is
not meant to imply that every administrator abuses privileges or
has malicious intent — just that you shouldn’t assume
anything.”