One common question asked by people in the aftermath of a cyber attack is “why do computers have these vulnerabilities?” While this is a complex question that would require an in-depth education on computing systems and software/hardware design, there are a few things that we can discuss to help people understand why our systems are sometimes vulnerable, as well as what we can do to protect ourselves.
First, almost all software has some vulnerabilities or problems with it. This is because many of the important programs which we use are massive, complex, and aging. Some pieces of software contain millions of lines of code. This means that really examining them for flaws would not only take an absurd amount of time, but would also require understanding every situation in which the code would be used. Additionally, designers would have to anticipate every situation where things go outside what they are designed for, as well as their interaction with a nearly infinite variety of other factors.
Additionally, computer safety is based on more than just the software that the machines are running. The protocols, network setup, and other factors related to how the machine interfaces with the world are all vulnerable to exploitation. The system must have some method of “trusting” a user, and if the machine and network are not properly secured, a hacker could access the system by spoofing credentials.
All of these factors together mean that all systems are vulnerable in some way. However, whenever individual vulnerabilities are found, they are corrected. This means that there is a constant war between cybersecurity experts who try to find problems in order to fix them, and malicious hackers, who attempt to find these same problems first, but for gain or in order to cause damage.
This makes it critical that users keep their software and OS current. If a new version of the software is released, it will typically contain all of the patches to remove vulnerabilities that have been discovered since the last patch. Once a vulnerability is discovered, knowledge of it will spread, so while an updated computer is much safer, a computer which is not updated is at even greater risk than before.
The best way for users to ensure that their systems are not at risk is first to ensure that all software is up to date. The second is to hire a professional to handle network security. Businesses in particular need to ensure that not just their software, but their network protocols and systems all conform to the best current safe practices.