Not always the best and the brightest, although don't get in the habit of underestimating potential attackers.
Due to the large number of security bugs that are continually being discovered, the large number of hosts whose security is not closely monitored and managed, and the ease of automating many security attacks, the most depressingly common kind of attacker is the "script kiddie" -- someone bright enought to obtain and deploy exploits written by more clever people, and scan networks for systems to attempt them against.
Script kiddies may not be particularly clever, but they have more time to attack your host than you have time to monitor and secure it, and unless you are closely monitoring your host, you may not notice their attempts to break in.
It's also unlikely that anyone attempting to break into your system actually wants any data on it; the most common reason people break into systems is to use them as a base of operations for further attacks, as well as the egoboo of claiming "I 0wnz 15 5ys7emz."