A common belief I see among many of my SMB customers is, "Why would anyone want to hack into my network?" When asked why he'd want to climb Mt. Everest, it was George Herbert Leigh Mallory that uttered the short but sweet sentence, "Because it is there." Why is that apropos in this example? Many hackers are testing IP address after IP address looking for an opportunity to present itself much the same as Mallory. Once hackers gain entry into a network, what they do inside that network can vary from absolutely nothing to embedding malicious software to stealing valuable data.
Who's Hacking Who
If there is anyone who tells you that they can 100% guarantee that your network is secure, run the other way. Due to the sophistication of the perpetrators and the dogged determination to find vulnerability, it's certain that NO network is completely safe. Think about the millions of dollars spent on IT by large companies and government agencies like the State of South Carolina, Citibank, eHarmony, Twitter, The Associated Press, etc. and these entities were still hacked.
Boy Scout Motto - Be Prepared
So what can you do? One of the tasks you should put on an annual list of things to do is a vulnerability or security audit. It should always be performed by a third party that does not have a vested interest in the outcome. How detailed the audit must be depends upon your budget and your risk tolerance for a cyber-incursion. As always, leverage your trusted technology partner for advice.