If you were hitting a bank....
I have suspected it is easier from inside out and that either getting an insider or at least tricking an insider to install your backdoor is probably going to give you a better ROI than trying to break through the front door.
So my guess is dumb employee installing xyz without permission or some other form of social engineering letting the bad guys in a side door.
Santandar were hit a few years back when a 'cleaner fitted a KVM hooked to a 3G router into the network.
Biting the hand that feeds IT
