"BS" - that's exactly what it is. If your system is locked down with a properly configured firewall and proper passwords etc., it's virtually impossible to 'hack' it - despite what you see on television. Phishing and trojan horses are the way most do it - and both require some cooperation from the owner of the system.
Keep thinking that. A firewall is just a piece of software. Bypassing a firewall could be hard but not impossible. I have not kept up to date with recent changes but back about 8 years ago I personally wrote and software that bypassed firewalls. One of the simplest methods back then was process injection. Your software firewall would let your browser access the net, I would execute code inside the memory of said browser and do whatever I wanted with your machine. Routers NAT were also easy to bypass. Instead of using YOUR ip; I would hardcode mine and have your system connect to me. NAT posed no issues then.
If it was not already mentioned.....
If you are worried re-boot your router and your ISP will assign a new IP (unless you have a static IP which is highly unlikely, i.e. business for VPN or hosting etc..)
Wrong. LOTS of ISPs are pretty much assigning static IPs these days. OR dynamic IPs with a very very long leases. That's my own personal experience.
There are two distinct questions here:
(1) Can you be targeted?
and (2) Can you be hacked?
In the headers of most emails is enough information to find your computer. Is a recipient of an email from you likely to know how to process those headers? Most people don't even know they exist. If someone were determined, they could learn a lot of information from the headers. If a sender were determined they could hide a lot of the commonly available information. But a determined hacker would resort to other means of finding your computer beyond the email. And a government has access to additional resources (e.g. ISP logs) which could identify a computer if a criminal act is alleged.
If a determined assailant is able to identify your computer - let's say they got the IP address easily from the headers - they could start to penetrate your network. Major corporations spend millions of dollars on network security and hackers are able to penetrate their networks. The US Federal Reserve takes security very seriously and they were hacked. Can your little home network stand up to a determined hacker? Not a chance.
A hacker would quickly find out that (say) you were using a home router, and that the router is the "computer" presented to the ISP. There are various things a hacker can do to accurately guess the manufacturer and model number of the router you're using (since they each implement various things slightly differently, the hacker just needs to send a few specific "tests" to the router and see how it responds). Once they know the model of the router, they can look up the vulnerabilities of that router and attack - and take control of - your router.
Once they've got control of your router, they pretty much have control over your network. And all those patches that Microsoft issues every month? They're released because new vulnerabilities are being found in Windows every month. The attacker just needs to find one that hasn't yet been patched, and they can gain control over your computer. You probably won't even know they've done it.
But all of this is a lot of work for little gain. Vulnerabilities are being patched "all the time". Most crooks will "sweep" IP address ranges looking for an easy target, rather than targetting a specific person (versus governments, who are interested in specific individuals).
Can it be done? Absolutely, by a well-informed crook. Is it likely? Not really.
Agreed to a certain extent more than once I did some pen testing my beloved Nmap to find out that the device I was targetting had no known security holes. But really the weakest spot in the any security infrastructure is the person behind the keyboard. It is far easier (but more time consuming) to have someone let you in their network by deception than to break into it by using exploits.
Also I despise the word crook when it comes to talking about hackers. I am a hacker and I don't consider myself a crook. Nor have I done anything to steal or hurt anyone. Most of the people I know and frequent actually do it for the sake of learning. Hackers are really just tech savvy people who think outside the box while software engineers use methodology. Don't get me wrong those guys do great work; they just do it by the book. Methods, procedures, a whole lot of stuff that I do enjoy bypassing.
Where I work and how I live encourages that. I mean if you are an engineer and you are working in a big corporation you have to deal with red tape. Constantly. How I do it is... go under that red tape. Oh you need to communicate with this server and have remote commands issued remotely from your desktop? Oh well you might want the network admin to check if open the firewall then check with the system admin if to see if the server can handle another application and of course request permissions. And of course if you have a security team you have to run it by them. Which in turns means a few weeks if not months of delay before you even get started.
Give it to a hacker. You know what he does? Oh this server has read-write on this share? Easy-peasy. Let's just make an app that writes to this share and another that reads the same file from the server. And guess what, I don't need admin access anymore. My app is up and running in 10 minutes. Fuck your red tape.
ill test your security for ya free of charge.