Companies of all kinds are attacked all the time, every day. Not just large corporations, but everything from tiny mom and pop shops to giant corporations and governments. Attacks are indiscriminate, with the goal being to gain access somewhere, anywhere. The attackers are fishing, looking to hit different places and gain access wherever there is a weakness. They will attack every URL — especially if its signature matches a particular framework, like WordPress or nginx. They will hit any URL or IP address on any port that has a weakness. That site will be is culled from a list that is scanning the whole internet and the exploit will be sent back for easy access. Having proper incident response to these attacks is vital to the success of your business.
The hackers will move through this process indiscriminately. They don’t care what kind of business you have or how big you are. Governments and large corporations are hard targets which have only become harder over time, so they are fairly well defended. Small to medium sized businesses, however, are more likely to see these attacks be successful because cybersecurity is an afterthought. It’s an understaffed department or nonexistent because cybersecurity isn’t taken seriously in budget and strategy meetings. Soft targets include businesses in the healthcare industry, accounting firms, law firms, companies which are robust in data but they have very little defense. Hackers want access, and without protection, they will get it.
***Click here for full text***