People seem to want to say programming is necessary, I would argue it is not. I does not hurt but being an experienced dev before learning to hack is not a requirement, especially not for a lot of simpler embedded systems (the 3ds is not especially complex or hardened).
As for not able to be taught... that depends. Broadly speaking there are two main hacker tracks, though blending them is always an option
1) Computer security is just computer administration. Forget to close ports on the firewall, forget to change default passwords, forget to disable functionality you are not using, forget to update when exploits have been found, forget to isolate components that do not need to speak to other things on your network...
This can be taught fairly readily.
2) The actual finding of exploits. This typically does want some skills, however how much of a given thing you wish to know might vary and you also have multiple approaches -- hardware hacking is very much an option but one seemingly not all that explored on the 3ds at this point. Others have taken the high level systems approach and scraped until they got something to analyse, analysed it and then weaponised it. You can be taught some of this, though I would agree many of the better ones have a mindset that does well for them here.
Now starting out on the 3ds is a bit like trying for a marathon a week after you got to the point where you can climb the stairs without getting out of breath. You would be far better off tweaking things and then moving up as time goes on.