No company that I ever hacked into reported any damages, which they were required to do for significant losses.

No company that I ever hacked into reported any damages, which they were required to do for significant losses. Sun didn't stop using Solaris and DEC didn't stop using VMS.

Think about it: if you were running a multi-million dollar company, and your database of customer information was stolen, would you want to tell your clients? No. Most companies did not until the laws required them to. It's in the best interest of organisations - when they're attacked and information is stolen - to tell nobody.

I think malware is a significant threat because the mitigation, like antivirus software, hasn't evolved to a point to really mitigate the risk to a reasonable degree.

Penetrating a company's security often starts with the bad guy obtaining some piece of information that seems so innocent, so everyday and unimportant, that most people in the organization don't see any reason why the item should be protected and restricted.

Phone phreaking is a type of hacking that allows you to explore the telephone network by exploiting the phone systems and phone company employees.