We recently changed the security system we use on the website where these articles live, and forgot to switch off the email notifications generated when somebody tries to hack into the site. The result was a deluge of emails, because whether we like to think about it or not, everyone’s sites are being tested all day every day, both by automated systems and by real people.
Why do they do this? It’s probably not to find sites they can take over and replace with something nefarious. Usually, it’s to add links – quietly – to their own (presumably money-making) sites, and hope these won’t be noticed. That way, the links will send them traffic and get them ranked higher in search engine results, without the site owner taking them down as quickly as possible.
I’ve been to many business websites where you click on a link to a datasheet and end up on an obscure Chinese site. Would you know if there were links like this on your website? A regular site crawl, or even just a checkup in Google Search Console, could put your mind at rest in this respect.