PM & AI Chronicles

From Product Thinking to Prompt Engineering – One Tool at a Time

Inside the Mind of a Hacker 🕵️‍♂️🧠: Who They Are and What Drives Their Attacks 🔥

The World of Hackers 🕵️‍♂️🌐: What They Want & How They Try to Get It ❓🧠

This article is part of the Security Concepts & Threats series, which explores the fundamentals of protecting data, people, and devices in a connected world. For the full overview of how modern risks, defenses, and access controls fit together, refer to the main article in this series. 👉 Security Concepts&Threats

What Exactly Is Hacking? 🔍

Hacking refers to a wide range of computer crimes where someone gains unauthorized access to a system or its data. The intent is usually to steal information, cause damage, spy on someone, or embarrass the rightful owner of the device or account.

To keep it simple: If someone enters a system they don’t have permission to access, it’s hacking.

Examples of Hacking Attempts 🎯

  • Breaking into someone’s email account to read private messages.
  • Stealing credit card info by hacking an online shopping site.
  • Guessing or cracking weak passwords to log into systems.
  • Installing malware on someone’s computer to spy on them.
  • Creating fake websites to trick users into entering login details.
  • Intercepting data on an unsecured public Wi-Fi network.
  • Accessing company servers through an open or misconfigured port.
  • Using ransomware to lock files and demand money.
  • Breaking into cloud accounts to steal stored documents/photos.
  • Taking over a social media account to impersonate the user.

Originally, the word hacker referred to

 A computer expert who deeply understands how systems work and enjoys experimenting, learning, and building things.

This is actually a positive, harmless meaning — the old-school meaning.

But over time, the criminal meaning became more common: Someone who breaks into systems for illegal purposes.

How Hackers Try to Break Into Systems ⛓️‍💥

Here, you’ll see the common ways hackers find weaknesses in systems..

Targeting System Files 🗂️

  • If a hacker gains access to certain system files, they may extract administrator passwords.
  • Preventive step 🛡️: Use BIOS-level security or UEFI password protection to prevent unauthorized booting from USB/DVD drives.

Exploiting Wireless Networks 📶

  • Wireless networks are convenient — but risky if unprotected. Hackers often look for open Wi-Fi, weak passwords, or outdated encryption.
  • Preventive step 🛡️: Use WPA2/WPA3 👉 Securing your Wifi.

Attacking Open Ports 🌐

  • Open or unused network ports are doorways into a system.
  • Preventive step 🛡️: Firewalls filter or block unnecessary ports.

Using Malicious Software 🦠

  • Hackers trick users into installing harmful software that:
    • steals data
    • tracks activity
    • creates more security holes
    • allows remote control
  • Preventive step 🛡️: Antimalware, safe browsing habits, and caution with downloads.

What Are Hackers Really After?

Most criminal hackers have two major motivations:

  • Money — stealing data, demanding ransom, selling information, or abusing systems for profit.
  • Damage/Disruption — harming businesses, ruining reputations, or causing chaos.

They know data is the most valuable asset companies own. And since nearly everything today is digital, the number of targets is huge. Below are four key areas that hackers are especially attracted to.

Data and Information as an Asset 📝💎

Companies and individuals store vast amounts of data, and much of it can be extremely valuable to hackers—especially those trying to make money. Data generally falls into two categories

Critical Data 🚨📝

This is the information that has real monetary value, both for legal and illegal purposes. Hackers actively look for this type of data because it can be sold, misused, or used to break into other accounts. Examples include:

  • usernames and passwords
  • bank or payment details
  • personal identity information (SSN, phone numbers, email addresses)
  • financial documents
  • digital products
  • intellectual property (IP)
  • product designs or plans

Critical data must always be protected.

Non-Critical Data 📝🔵

This is data that, if stolen or lost, won’t cause serious harm or significant financial impact. Examples include:

  • A company’s holiday party schedule or event calendar.
  • A menu from a restaurant website. (if it’s already public)
  • A company’s public marketing brochure is already available online

Data as a Driver of Business Decisions ⚖️🏢

Today, it’s impossible to overstate how much companies rely on data to make decisions. Many businesses collect huge amounts of data about their customers, products, sales, and operations. This information helps them understand what is happening inside the company and how people interact with their products. To do this, companies:

  • collect data from customers, websites, apps, and services
  • store it in large databases
  • analyze it to find patterns and trends

These patterns are called data correlations — when two data points move together in some way.

All of this data can be extremely valuable to the company… and to its competitors.

Why Data Matters So Much 📊

Better Business Decisions ⚖️

Companies use data to decide everything from what product to build next to how much inventory to order. If the data is missing, wrong, or stolen, the company could make bad decisions that cost millions.

Example:

  • A clothing company thinks red T-shirts are selling well because their data shows high sales.
  • But if the data is wrong or tampered with, they may manufacture thousands more red T-shirts, only to discover no one wants them.
  • That’s a huge financial loss.

Meaningful Reporting 📊

Management relies on accurate reports to decide how to grow the company. These reports translate raw data into insights and actions.

Example:

  • If a CEO sees a report showing “Customer complaints have dropped by 30%,” they may decide to reduce spending on customer support.
  • But if that data were incorrect or manipulated, this could lead to disaster.
  • Bad data = bad decisions.

Government Compliance 🏛️📑

Some industries, like healthcare, must report accurate data to the government. Incorrect or missing data could mean:

  • heavy fines
  • loss of licenses
  • legal trouble
  • harm to patients

Example:

  • A hospital must submit accurate data about medical treatments for insurance and regulatory reporting.
  • If this data is destroyed or compromised, they could face legal penalties and even put lives at risk.

Understanding Data Correlation (With Simple Examples) ⛓️

Data correlation means two data points move together in a pattern.

Positive Correlation (both go up or down together)

Example:

  • When the temperature goes up, ice cream sales also go up.
  • These two move in the same direction.

Negative Correlation (one goes up, the other goes down)

Example:

  • When the price of a product rises, sales often fall.
  • One rises → the other falls.

No Correlation (no relationship) 🚫

Example:

  • Number of pets in a city vs. number of car accidents.
  • They do not influence each other.

“Correlation Does NOT Mean Causation” (Easy Explanation) ⚠️

This phrase means:

Just because two things happen together doesn’t mean one causes the other.

Real example:

  • People eat more ice cream in summer.
  • More people also get sunburns in summer.

These two things are positively correlated — both increase in summer.

  • But ice cream does NOT cause sunburn.
  • The real cause is hot weather.

Another example:

  • If a store sees high umbrella sales and high raincoat sales on the same days,
  • that does not mean umbrellas cause people to buy raincoats. The real cause is rain.

This is why companies must be careful: If someone tampers with data or if the data is incorrect, the patterns can be misleading.

Data Monetization 💰

Companies don’t just use data to run their business — they also use it to make money. This process is called data monetization.

There are two main ways companies do this:

Using data to improve their own products 📈🛍️

Businesses analyze customer data to:

  • make better features
  • fix problems faster
  • understand what customers really want
  • Find new customers and keep existing ones

Example:

  • A streaming service like Netflix uses your watch history to recommend new shows.
  • Better recommendations = more customers staying longer.

Selling data to advertisers 📢🏷️

Some companies — like Google, Facebook, Instagram, and many free apps — make money by selling advertising access based on user data.

They don’t usually sell your personal identity. Instead, they sell targeted insights, such as:

  • people who like fitness
  • people searching for travel deals
  • people looking for laptops

Advertisers pay a lot for this.

Why Hackers Care 👤

If companies can make money from data, hackers know they can too.

A hacker who steals data might:

  • sell it on the dark web
  • sell it to competitors
  • Use it for identity theft
  • Use it for targeted scams
  • Demand ransom to return it

To a hacker, data = money.

Data Analytics and Big Data

Data analytics and big data are closely linked. As mentioned earlier, companies collect vast amounts of information about their customers, products, and services. But simply collecting data isn’t enough — they need to understand it.

That’s where data analytics comes in.

What Data Analysts Do 📊

Many companies hire entire teams of data analysts. Their job is to:

  • study large sets of data
  • find useful patterns and trends
  • help the business make better decisions
  • Recommend new strategies to increase profits or improve products

Example:

  • A data analyst might discover that customers who buy winter jackets also often buy gloves.
  • The company can then bundle these items or offer targeted promotions.

What Is Big Data? 📈

Big data is a newer term within the analytics world. It refers to:

  • extremely large datasets
  • often unstructured (not neatly organized)
  • gathered from many sources like websites, apps, sensors, and devices
  • requiring special tools to store, process, and visualize them

Big data tools include technologies like Hadoop, Spark, NoSQL databases, and large-scale cloud storage.

The Goal Is Still the Same 🎯

Whether it’s traditional analytics or big data, the objective doesn’t change:

  • Find meaningful patterns that can help the company make money, innovate, or improve.
  • And because this information is valuable, hackers may target it too.

Real-World Scenario: Different Motivations Behind Hacking 🔥

Not all hackers think alike. People in the hacking world are driven by very different goals. As mentioned earlier, some hack for money, some for the thrill, others for political reasons, and a few want recognition from their peers.

To understand how varied these motivations can be, let’s look at some major real-world hacks that made headlines in the last decade.

Major Hacks & What Happened 👤 💻 🔓

Here are a few well-known incidents:

  • Opus (2023): A large Australian health insurer, Medibank/OPUS, suffered a breach where hackers stole personal and medical data of about 10 million customers.
  • Marriott (2018): Hackers accessed the Starwood reservation database, exposing information of roughly 500 million guests, including passport details and travel patterns.
  • Dubsmash (2018): Around 162 million user accounts were stolen and later sold on the dark web. Data included usernames, email addresses, and hashed passwords.
  • Facebook (2018): Attackers exploited a vulnerability in the “View As” feature, exposing access tokens for 50 million accounts, allowing hackers to log in as those users.
  • Equifax (2017): One of the most significant data breaches ever — personal info of 147 million people was stolen, including Social Security numbers, birthdates, and addresses.
  • Uber (2016): Hackers stole data from 57 million riders and drivers and were paid $100,000 to keep it quiet (which later became a huge legal issue).
  • Yahoo (2013–2014):A massive breach affecting 3 billion accounts, revealing names, emails, phone numbers, hashed passwords, and security questions.

These are only a few examples — unfortunately, there are many more. Because breaches have become so common, some major news outlets now ask: “Who hasn’t been hacked yet?”

Hackers Motivated by the Challenge 🎮🚀

Some hackers break into systems not for money, but simply because they are hard to penetrate. They want the bragging rights of saying:

“I got in when no one else could.”

These hackers sometimes even leave clues or comments for system administrators — almost like a twisted “thank you note” — offering tips on how to fix the vulnerability they exploited.

Hacktivists: Politically or Morally Motivated Hackers 🗳️

Other hackers are driven by political beliefs, social causes, or a desire to expose organizations they feel are corrupt or unethical. These individuals often see hacking as a form of protest.

In professional hacking communities, hacking—just to make money—is often looked down upon. They consider credit card theft, ransomware, and identity theft to be “petty crime.” Instead, they pursue targets based on ideology, not profit.

Example: WikiLeaks

One widely known example is WikiLeaks.

WikiLeaks describes itself as:

An international nonprofit journalistic organization that publishes secret information, news leaks, and classified materials from anonymous sources.

Organizations whose data has been exposed by WikiLeaks call them hackers.WikiLeaks, on the other hand, sees itself as acting in the public interest, exposing hidden truths.

It’s a clear reminder that: Motivation shapes how hackers see themselves — and how the world sees them.

Wrapping Up 🧭

Hackers have many different reasons for what they do, but they all look for weak spots in computers and networks. By understanding what they want and how they attack, you can better protect yourself and your devices. The more you learn about how valuable data is—and how hackers try to steal it—the easier it becomes to stay safe in today’s digital world.