Enterprise Knights of IBM Z

Providing insights to cyber security & resiliency on our platform

Mainframe Security Administrators - The Guardians of Your Systems

By Rogerio Eugenio Malaquias Camargo posted Tue August 20, 2024 01:13 PM

  

Hackers, or just curious users: as we all know, they can be external or internal.

This blog is mainly concerned with internal hackers, or at least those curious users who may just "try" and "see what happens".

IBM Mainframe has several user IDs that can be considered privileged, and they are valuable attack targets, particularly user IDs assigned the RACF SPECIAL attribute, because it allows the individual holding this privilege to do anything he/she wants. This can be more dangerous when resources owned by these RACF SPECIAL IDs are not protected properly. An example of such a resource is the ISPF dataset belonging to one of these privileged user IDs. If these datasets allow access to general users, this weakness could allow your system to be easily hacked.

How?
It is simple: by updating the ISPF dataset of this SPECIAL user ID with a RACF command that would allow a general user to become a privileged one. This can be accomplished easily.

And now the more important question: how to prevent this from happening?
Just review the RACF protection of the ISPF datasets owned by SPECIAL user IDs and ensure they do not grant permission to any other users.
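
The review described above can be scripted once the profile data has been extracted. The following is an added example, not code from the original post: it assumes the universal access (UACC) and access list of each dataset profile have already been collected into the simple structure shown (for instance from LISTDSD output or an IRRDBU00 unload), and that the high-level qualifier of a profile is the owning user ID. All user IDs, profile names and field names are constructed for illustration.

```python
# Added example. Constructed sample data: every ID and profile name is made up.
# In practice these values would come from LISTDSD output or an IRRDBU00 unload.
SPECIAL_USERS = {"ADMIN1", "SECADM"}

PROFILES = [
    {"name": "ADMIN1.ISPF.ISPPROF", "uacc": "NONE",
     "acl": {"ADMIN1": "ALTER", "USER07": "UPDATE"}},
    {"name": "SECADM.**", "uacc": "READ",
     "acl": {"SECADM": "ALTER"}},
    {"name": "SECADM.ISPF.ISPPROF", "uacc": "NONE",
     "acl": {"SECADM": "ALTER", "*": "READ", "HELPDESK": "NONE"}},
    {"name": "USER07.ISPF.ISPPROF", "uacc": "READ", "acl": {}},
]

# RACF dataset access levels, lowest to highest.
LEVELS = ["NONE", "EXECUTE", "READ", "UPDATE", "CONTROL", "ALTER"]
WRITE = LEVELS.index("UPDATE")


def audit(profiles, special_users):
    """Return (profile, grantee, access, severity) for every permission that
    lets anyone other than the SPECIAL owner reach the owner's datasets."""
    findings = []
    for prof in profiles:
        # Assumption: the high-level qualifier is the owning user ID.
        owner = prof["name"].split(".", 1)[0]
        if owner not in special_users:
            continue
        # UACC applies to everyone not otherwise listed, so check it first,
        # then every access-list entry except the owner's own.
        grants = [("UACC", prof["uacc"])]
        grants += [(who, lvl) for who, lvl in sorted(prof["acl"].items())
                   if who != owner]
        for who, lvl in grants:
            rank = LEVELS.index(lvl)
            if rank == 0:
                continue  # NONE grants nothing
            # UPDATE or higher lets the grantee change the dataset contents,
            # which is the weakness the post describes.
            severity = "HIGH" if rank >= WRITE else "REVIEW"
            findings.append((prof["name"], who, lvl, severity))
    return findings


if __name__ == "__main__":
    for finding in audit(PROFILES, SPECIAL_USERS):
        print("%-22s %-8s %-7s %s" % finding)
```

Each finding is a permission to remove or justify. READ-level entries are reported as well, since the goal is that no other user has any access to these datasets.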
