Targeting People, Not the Infrastructure
Historically, many cyberattacks tended to be technology-focused and required specialized knowledge to expertly fool a network into believing the attacker was an authorized user. Spoofing, man-in-the-middle (LAN or Wi-Fi), DNS, and other attacks require actual skill (and a bit of malice) to properly execute.