What is Hacking?
Misconception: "Why would a hacker target me?"
Reality: Hackers leverage Software-as-a-Service (SaaS) models, just like a legitimate business would. They don't know all of the people they reach and they certainly can't filter out any one individual, if they even wanted.
Hacking by modern definitions is making a computer system or software behave in a way that it wasn't intended by the manufacturer. By that definition, a hacker can be a child that discovered turning off their smartphone's location services allows them to get a higher score in a game.
Originally, as early as the late 1970's, so the story goes, a "hack" was an unconventional programming behavior, which either used existing libraries in an unintended way, or that attempted to create its own libraries during execution. In programming early on, a technique like that simplified an otherwise complex process was called a "hack" in the modern sense of a shortcut for convenience or improved functionality.
Fast forwarding to present day, the word "hack" carries both this positive use to simplify a process, and also the cyberthreat use as a means to perform unwanted actions on a digital system owned by someone else. However, the common image of a "hacker", that young punk in a black hoodie, surrounded by empty cans of soda in a dark room is both true and also misleading. There absolutely are solo hackers that bang away at keyboards for days at a time. That stereotype undermines the reality that just about anyone that uses a computer or smart device regularly has the fundamental skills that can make a successful hacker.
Hacking is an industry, just like contracting, banking, manufacturing, or software development. Some of the biggest hacker organizations have salaries, HR departments, benefits packages, paid vacation incentives, and IT help desks, exactly the way that the biggest legitimate corporations do. Along those same lines, hacking is an industry with a complex and modern supply chain, where organizations of all sizes and independent contractors, and governments, buy and sell tools and software. The incentive comes from all imaginable sources for an individual to break into computer crime, and equally as appealing to organizations that don't take ethics seriously.
In the same way that a legitimate business might use a tax and accounting software online in a Software-as-a-Service (SaaS) model, simply paying a monthly fee for access to a large set of tools and features, hackers have access to similar services for hacking. Imagine any of the modern business tools your organization uses to conduct your operations. Hackers have an equivalent. There are marketplaces to buy and sell access, extensions, apps, devices, accessories, and even job boards for hackers. Hacking tools and services are just as user-focused and automated as anything a legitimate business uses. The reality is that someone that has limited technical know-how is capable of reaching out into the internet and probing for vulnerable devices actively and continuously.
It is often the case that a hacker, or a hacking organization doesn't know the identity of the victim at all. That it takes time to uncover the full scale of their victim's systems, let alone interpret the data from a single victim among many in order to understand who they've managed to gain access to. The goal for many hackers is speed and volume, hitting many victims and quickly translating that access into profit.
A common misconception is to ask, "Why would a hacker target me?"
The reality of the current cyber threat environment is, "How could a hacker possibly have the technical skill, time, and concern for your privacy to filter your systems out of their attacks?"
Hak5 (an ethical hacking research organization founded in 2005) Addresses why hackers attack anyone.
Chris Nickerson (career hacker, red team expert) defines the term "hacker"