you have your pro blackhats…and your noob admins

A couple articles skittered across my desk the other day. Los Angeles traffic engineers admit hacking into traffic light control systems and Rogue IT admin hands former employer’s network over to spammers.

There is lots of talk about the criminality of the black hat underworld and about profit-pursuing hacker groups (although maybe this is just the growing up of the teenage hacker vandals from 10 years ago now needing income), but there is another important set of threats: relatively normal people with access.

This includes former employees that can still use accounts for bad things, easy password guessing, or abuse of legitimate access just, well, because they can. It stems from both negligence and the simple aging of our reliance on technology. Ever wonder how many stale accounts you might have in your organization just because people with knowledge have left? And I’m not talking about obvious stores like LDAP/AD, email, VPN, network devices.