"it's not rocket science to defend against this sort of stuff."
It never has been rocket science. The big problem is a combination of complacency and convenience.
It's so convenient to allow SMB and remote desktop across the firewall, let everyone browse with unfettered scripting, and run a flat network with AD as the only segregation mechanism (or, in the case of Equifax, leave a file of clear-text server credentials on the network) that nobody stops to think about the possible consequences.
On several assignments I've had to fight to make them put documents such as pen test reports and firewall rule listings in a secure area. Mostly they've just been 'somewhere' on SharePoint.