“Hacking” can be as easy as running some script you found online to prowl for vulnerable systems. This doesn’t take a lot of creativity. A lot of people/businesses/governments don’t practice good security hygiene (e.g. apply security patches as soon as they’re available) and end up getting popped by skiddies. I’d be more impressed if these Russian “hackers” could consistently repel attacks, but a simple google search suggests that they are struggling to defend their own turf

Millions of people use beautifulsoup4, but most probably don’t realize that a core library that powers it, soupsieve, is effectively maintained by one person. In the spirit of the xkcd you linked, Isaac Muse could probably use some funding