When you expose ports to the Internet. It’s honestly interesting to setup a Web server with the default page on it and see how quickly you get hits on it. You don’t need to register a DNS or be part of an index anywhere. If you open a port (and your router does forward it) then you WILL get scanned for vulnerabilities. It’s like going naked in the forest, you sure can do that but clothes help, even if it’s “just” again ivy or random critters. Now obviously the LONGER you run naked or leave a computer exposed, the most likely you are to get a bad bug.