Those utilities report bandwidth used, so they will only show traffic from IPs that have made connections. This does not mean they have "hacked" you, it most likely means someone inside your network has made a connection outbound to that server and requested something (e.g. web content). The port you don't recognize is probably the random client port of the connection, and the other port it shows for that same connection is likely the meaningful one.
Nothing can get in unless you let it. If you have no firewall rules on WAN, nothing can get in unsolicited. Someone on a local PC could still download something bad, but it would have to be a locally initiated connection.
If you want to know if someone is trying to get in, snort is probably a better choice to install.