The three methods mentioned in the article all require (assuming that the domain and SQL Server have been setup wisely) that the person performing the "attack" has access to a domain account with elevated privileges.
I would not consider these to be attack vectors used by hackers. Most hackers try to get access to the domain by using SQL Server as a stepping stone, not the other way around.
And a DBA that worries about this kind of attacks is like a man that leaves the front door of his house unlocked, with clear pointers to all valuables (TV, computers, jewelry, etc), and then places secure locks on his bedroom door. 🙂