Malicious employees are a huge threat. It’s much easier to hack an organization from within than from outside.
Trusted and Untrusted Users
The worst-case scenario is unsecured access to private resources.
- trusted user: An account granted authority to perform certain or all administrative tasks.
- untrusted user: An account granted no administrative powers.
See also: Privileged user agreement
Malicious Users
- May try packet sniffing
- May probe open ports to learn details about running services; this is known as banner grabbing
- May try to exploit known vulnerabilities of certain devices. The first 24 bits of a MAC address are assigned by the IEEE; this prefix is known as the Organizationally Unique Identifier (OUI), and it identifies the device's manufacturer
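
An added example, not part of the original notes: the same 24-bit prefix lets a defender group an address inventory by OUI, so devices from a manufacturer named in an advisory can be found quickly. The function names and sample addresses are constructed for this example. It also covers locally administered and group addresses, whose first 24 bits are not an IEEE-assigned OUI.

```python
import re
from collections import defaultdict

_HEX12 = re.compile(r"^[0-9a-f]{12}$")

def parse_mac(text):
    """Return the 6 raw bytes of a MAC written with ':', '-', '.' or no separators."""
    digits = re.sub(r"[:.\-]", "", text.strip().lower())
    if not _HEX12.match(digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(digits)

def describe(text):
    """Split a MAC into its 24-bit prefix and the flag bits of the first octet."""
    raw = parse_mac(text)
    return {
        "oui": raw[:3].hex("-").upper(),
        # Bit 0x02 of the first octet: set means locally administered, so the
        # prefix was NOT assigned by the IEEE (e.g. randomized Wi-Fi MACs).
        "local": bool(raw[0] & 0x02),
        # Bit 0x01: set means a group (multicast/broadcast) address, not one device.
        "group": bool(raw[0] & 0x01),
    }

def inventory_by_oui(macs):
    """Group unicast, IEEE-assigned addresses by OUI; return (groups, skipped)."""
    groups, skipped = defaultdict(list), []
    for mac in macs:
        try:
            info = describe(mac)
        except ValueError:
            skipped.append(mac)  # unparseable entry, keep it for manual review
            continue
        if info["local"] or info["group"]:
            skipped.append(mac)  # prefix says nothing about the manufacturer
        else:
            groups[info["oui"]].append(mac)
    return dict(groups), skipped

# Constructed sample, as might be copied from a switch or ARP table in mixed notations.
SAMPLE = ["00:50:56:aa:bb:01", "0050.56aa.bb02", "B8-27-EB-12-34-56",
          "da:a1:19:00:00:01", "ff:ff:ff:ff:ff:ff", "not-a-mac"]

if __name__ == "__main__":
    groups, skipped = inventory_by_oui(SAMPLE)
    for oui, members in sorted(groups.items()):
        print(oui, len(members), members)
    print("skipped:", skipped)
```

Mapping an OUI to a manufacturer name requires the IEEE registry, which is not embedded here.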