"Of the applications, Web sites, and services hosted on the Web, more than a fair share will experience some sort of mischief at the hands of a hacker intent on carrying out some sort of attack. To keep things short and sweet, I can easily say that although "The Truth may not be out there," people looking to deface, crack, exploit, break, steal, or otherwise mess with your site and application are.
"Unfortunately, an increasingly sophisticated and hostile environment exists in today's Internet. In the case of those looking to harm your application, you have several things to consider. Basically, attackers have a lot of advantages that you as a defender don't. For example, attackers have a whole underground dedicated to sharing information as well as a (un)healthy desire to team up and create all sorts of havoc. Accentuating the threat is the fact that those wishing to "have a little fun" with your application have nearly limitless time, money, and resources. Couple these advantages with a questionable set of ethics, and the threat is even larger. Never underestimate or lose respect for those looking to do you harm: You do so at your own peril.
"How likely are you to become a target? Well, the statistics can give one pause. Depending on the application's popularity, attacks can range from only a few an hour to several hundred or thousand in the same time period. In fact, the time to actually become a target of an attack or an attempted attack can be only moments after an application goes online and becomes available to the world. On average, a hosted application exposed to the Internet can experience over 400,000 different attack attempts (of varying degrees) over a one-week period."
