The internet is like the wild west. There are bandits and outlaws everywhere. But automated. Bandit bots and outlaw bots who scan the internet all the time for open ports, trying to see if they can find an outdated version of software for which they have exploits. Some bots even have zero day exploits, which are unknown to the manufacturer of the software (the manufacturer has known zero days about the exploit, hence the name). When they find a match they will automatically hack the software running on the port and try do privilege escalation (essentially become admin). Then they might install a copy of themselves on your machine, fortifying their bandit army (botnet). Most of the time the criminal behind the botnet can now also control your machine and do anything with it. Many times acces to these hacked machines also get sold on the darkweb to other criminals.