To my new little hackers, Avi and Tallia.
May you grow healthy and change the world.
Chapter 1: Introduction
$7.2 billion. Gone in an instant.
The Year: 2013
The Target: Target
As shoppers stocked up on holiday gifts, a more sinister plot was underway. While point-of-sale systems and Internet checkouts inhaled the credit card numbers of unsuspecting consumers at Target stores around the country, hackers were enjoying their own holiday cheer as they silently breached the security of this cyber-naïve retail giant. At least 40 million credit card numbers were stolen along with the theft of the personal information of nearly 110 million customers.
As the news broke in the subsequent weeks, Target’s performance plummeted. Revenue was down 46.2% compared to the same period the year before, and their stock price crashed. The market cap of this powerhouse company shriveled by $7.2 billion, bringing once insulated executives to their knees. Target eventually agreed to pay victims a total of $10 million. Disastrous publicity ensued, customer loyalty was eradicated, and this shiny brand was forever tarnished. CEO Gregg Steinhafel was forced out, leaving a giant crater of scorched value in the ashes.
Meanwhile, the hackers profited to the tune of $53.7 million. The deviants behind the hacks have never been identified, caught, or tried. They exist in the ether, lurking in the shadows. Hackers represent no one country, yet a top security expert told the Wall Street Journal that they are the single biggest threat to our national security.
And their approaches are your best model for innovation, growth, and success.
To be clear, I’m not endorsing cybercrime. But if you put their sinister motives aside and simply study their techniques, hacking is nothing more than an unorthodox problem solving methodology. In the Target scheme, hackers established their prey, surveyed the obstacles, generated a number of creative approaches, discovered vulnerabilities, exploited their adversary’s weakness, and generated outsized results. Compare that to the lackluster performance of many bureaucratic companies, and you’ll quickly wish your team embraced the mindset of hackers to drive better, more creative outcomes.
Since the classic 1983 movie War Games, hackers have been a global fascination. They are feared, glamorized, and hated. Rarely does a day go by without headline news coverage of the wreckage left behind by malicious hackers. They hack corporations, governments, and individuals. It’s been said there are only two types of organizations: those that have been hacked and those that don’t know they’ve been hacked.
Hacking is big business, and it’s taking a big toll. In 2014, the FBI received 269,422 complaints of cybercrime. The annual cost of hacking is estimated at over $100 billion in the United States, and more than $300 billion worldwide. Over 60,000 websites are hacked each day, and 47% of adult Americans had their personal information exposed within the last 12 months. MyDoom, the most expensive virus of all time, began in 2004 and has racked up an estimated cost of $38.5 billion. Cybercrime targets 556 million people each year, and 68% of funds lost to these attacks are deemed unrecoverable. No wonder the mere mention of hackers makes the hairs on the back of our necks stand up.
Hackers come in all shapes and sizes. There are government-sponsored hackers, looking to perpetrate espionage on behalf of their mother countries. There are lone-wolf hackers who pursue their craft for financial gain, revenge, social status, or simply to prove that they can. There are bands of hackers, loosely organized affiliates, who team up to deliver vigilante justice, like hacking into ISIS accounts or using hacking to expose criminal acts. There are “white hat” hackers who use their skills for good, “black hat” hackers who perpetrate evil, and hundreds of shades of gray in between.
Some hackers use their skills for positive impact. Startups in Silicon Valley deploy a specialized set of techniques known as “growth hacking” in order to grow massive audiences quickly. That’s how Twitter, FourSquare, and Instagram grew so big, so fast. There are also biohackers who leverage hacking techniques to cure disease, solve healthcare problems, and improve environmental quality. There are life hacks (7 Simple Ways To Eliminate Plaque), educational hacks (How To Read With 50% Greater Speed), and even parenting hacks (Reverse-engineering Temper Tantrums To Create A Peaceful Household). With all these seemingly disconnected uses and groups, what commonalities exist?And why should you care?
We often define hacking as a criminal act using computer software to violate cybersecurity defenses. We envision a pimple-faced young man in a hoodie, guzzling energy drinks in a dimly lit basement, perpetrating malicious deeds for illicit gain. While there certainly are individuals that fit this stereotype, hackers are a much wider and more diverse group than this unimaginative caricature.
Hackers, in fact, are not good or evil. Some master software while some have never turned on a computer. Hackers are foreign and domestic, young and old, educated and improvised. Hackers are not defined by their ability to crack code, but by their specialized approach to problem solving.
Hacking does not ascribe a specific intent, and nothing about the skillset itself is right or wrong. In fact, hacking is a tool, an approach. In the same way a knife can be used for evil (to murder) or to heal (a scalpel used to perform a life-saving surgery), hacking can be used to destroy or rebuild. While hacking can clearly be used for wrongdoing, it can also serve as a powerful model of growth, innovation, and success.
The purpose of this book is to share the ideas, mindsets, and techniques of hackers to empower you to use them for legitimate purposes. You won’t learn how to rob a bank or take down a power grid. Instead, you’ll discover the most powerful model to crush your challenges, foster creativity, and harness what’s possible. You’ll learn to topple your competitors, drive growth, and ensure long-term success. Hacking is the cutting-edge leadership model to help you to excel and elevate your company’s performance.
You are a hacker. You have the ability to unlock potential and solve the most intimidating problems you face, both personally and professionally.
A DORK FINDS HIS MUSE
Back in the early ’80s, I got my first taste of hacking. Full disclosure, I was a nerd of epic proportion. As a socially awkward teen with few athletic skills, I spent my days practicing guitar or in front of a computer screen. Using my Atari 800 computer with 48k of memory and a dial-up modem that transmitted slower than I could type, I had a sinister idea. A mischievous plan to conquer the world.
Sort of.
Back in the day, when long-distance calls cost nearly as much as a luxury vacation, calling cards by MCI, Sprint, and AT&T were a status symbol. Using a special number, along with a 5-digit code, you could speak to someone in a different country. This sounds lame now, in the age of live video streaming from your watch, but back then it was wicked cool. Since I didn’t have any money, I decided to use hacking to see if I could score some free codes.
My approach was pretty basic – I wrote a very simple software program to do the dirty work. At the time, AOL was the gateway to the online world and they actually had a phone number rather than a website. You could dial their number from your modem and you’d hear the famous screechy noise, alerting you that you’d reached a computer and not the local pizza joint. So my software did the following: dialed MCI’s toll-free calling card number, entered a five-digit code (it started with 00000), and then tried to connect to AOL. If the call went through and AOL’s computer tone connected to my machine, my software would record the 5-digit code as valid. If it didn’t work, my system would hang up and try the next sequential number (00001). So I’d go to bed each evening, run the system all night, and wake up to 10-15 fresh and valid long-distance codes to use.
Thankfully, I was never caught and am not on any watch lists, as far as I know. At the time, I thought this was the coolest thing ever. I had no intention of