I guess what I'm trying to understand is- what was gained by the hacker -and what was potentially compromised at these companies and organizations?
I've noticed over the past 6 months or so, that I've been getting a lot of spam on my work email. They used to block all of it. I get more now in a week than I used to get in a year.
I assumed it was due to the "do more with less" focus that we live with now. Is it possibly related to this?
Money or lolz usually.
If they're going after corporations, they want to steal something worth money. Bank accounts, credit cards, personal information, etc. Don't forget that organized crime got in on the ground floor with the illegal and destructive variety of hacking. PRC followed suit quickly.
Most spam these days comes from botnets. Previously viruses were just random destructive programs. Those still exist, but the majority of newer viruses are not really viruses but small relatively discreet nodes in an often sizable array of other nodes. They can be multipurpose (spam drones, DDoS nodes, a mini Tor network) but usually they're single purpose.
The more modern botnets are actually quite well designed. You have a very large number of drone nodes, controlled by a secondary tier of command and control nodes with obvious heavy redundency. You can't take out the botnet by taking out even a large percentage of the command and control nodes. Communication is encrypted. The botnet operator doesn't have to contact all the nodes, just a handful of command and control nodes. The commands are passed laterally and down.
Spam traffic can widely vary depending on the number and size of botnets operating at any given moment.
