The target is what the attack is directed against. The primary target is whatever the main objective is think data, data, data. The intermediate target is the hacker’s means to achieving the primary target. Intermediate targets include a network or network appliance, server, workstation, and mobile device (tablet, laptop, phone). Also included are infrastructure devices such as network connected thermostats, circuit boards, and the software applications that run them. Many different types of devices are now connected to the Internet and controlled using webpage based interfaces. These devices can be particularly susceptible targets unless proper investment is made to produce secure programming code.
Data is the end goal of attacking a target. Data can take many forms. A few examples are records in a database containing customer data or health records, data files such as word processing documents or drawings of intellectual property, your GPS location, the words being said in a conference room, your personal credit card information or that of your customers, and even video information.