It is an unfortunate reality of today's information technology environment that some types of businesses are more likely to find themselves the target of a "hacktivist" attack. Hacktivists are malicious actors that seek to intrude into a system to shut it down, steal credit card numbers or other vital data in order to cripple an organization in the public sphere. They are not primarily interested in financial gain, but rather seek to damage or destroy the reputations of businesses they have targeted.
What makes a business likely to become the subject of a hactivist's attention depends entirely on the political interests and issues that the hacktivist has decided to pursue. Merely having a business contract with a foreign government can be enough to draw the attention of a hacktivist group, should that foreign government be perceived as somehow violating the rights of its citizens. The business organization may be many steps removed from the actual violations, but that may not make a difference to the hacktivist seeking to make a point. Selling goods or services to certain political groups may also trigger a hacktivist attack if those groups are perceived as promoting values that the hacktivist does not appreciate.
Businesses are generally not scaling back commercial activities because of concerns about these attacks. Indeed, it is a sound policy not to do so; in some respects, hacktivists behave as bullies, attacking others to get their own way. Giving in to a bully's demands will often merely encourage the bully to make more demands. Instead, businesses and other organizations are ramping up their IT security by using managed services providers that can offer remote management of systems so that even when the office is closed, IT security is still being closely monitored.