Two main forms of hacking/attacks etc.
The scatter gun, where they're just trying anything and everything to see what gets through, which then either reports back, or gets in, and invites all it's friends for a party in your network (that's not a good thing btw). I could easily show you firewall logs, as admin/admin, root/root, user/password etc all get attempted, multiple locations, multiple times a minute, if not every second, via various services a typical business might use.
Targeted. This is way more dangerous. Either they're a market leader, or have an enemy that either personally doesn't like them, or wants them out of business (for whatever reason). I have both of these categories as clients. Unfortunately for the client, we spend more on security than another typical client, but this is all open discussion (as best possible, I like to enable clients to make knowledge based decisions). Sometimes they're quite aware who is after them, but either geographically we can't do anything, or proving it all the way back through layers, is very tricky to do.
Ultimately, people are the problem. As noted above, some have no idea about security. Yeah, we want open access to our device. Sure, your office address? Oh no, from any mobile etc. A client has exactly this, so all those devices have their own separated network - as best possible, coz staff also want to access.... yay. Btw, if any of you still have open RDP, turn it off. Please... changing the external port from 3389 to 33389 or 3390 is not even close to smart or secure. If you can access from anywhere, so can someone else.
Oh, and understand the stakes we're playing with, when we tell you, you can't have p@ssw0rd. Even something like
https://www.dinopass.com/ (using a strong password of 10 characters or more) makes it relatively easy to type, while still being completely random and different to anything else you have.
[slightly more geek mode]
Use this to discover if a website you've used was compromised:
https://haveibeenpwned.com/
Your passwords are for sale (or freely available), and they will try that password on every logical site, because so many people re-use the same password over and over. If they get access to your email, now they can re-set the password to a website and get the new password.
Bookmarks