It's not the device's fault, it's YOU

The update is majorly needed in people’s mindset to eradicate cyber-attacks, not necessarily or initially the update in the system. There is a saying said by former FBI Director Robert Mueller, "I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again." So we don’t usually accept this fact, but the intrusion inside an already existing built software is bound to happen. You either delay that or take actions to minimise the effects. One of the largest cyber-attacks to date was due to a few minor carelessness by the companies.

The Equifax Disaster

The $1.4 Billion "Forgot to Patch" Blunder. In March 2017, a critical security vulnerability was discovered in a widely used web application framework called Apache Struts. Security researchers immediately released a fix (a patch) to close the hole. The Department of Homeland Security explicitly warned Equifax’s internal IT department that they needed to update their systems immediately. Equifax... just didn't do it. Their internal IT team failed to distribute the patch across their servers, and nobody followed up to verify if the systems were safe. As a result, one of the cyber-attack’s example added to the list of historical events for us to study.

WannaCry's Global Damage

Another one of the WannaCry Ransomware pandemic: an attack that crippled hospitals worldwide. Microsoft discovered a catastrophic vulnerability in their older Windows operating systems (specifically involving how computers shared files over a local network, a protocol called SMBv1). Microsoft acted quickly and released a security patch in March 2017. However, thousands of massive global entities—including shipping companies, manufacturing plants, and the British National Health Service (NHS)—were notoriously slow at updating their corporate machines. Many were still running ancient, unsupported operating systems like Windows XP because upgrading to modern software was "too expensive or complicated." Guess the effect? Boom! Expect the unexpected…Over 300,000 computers across 150 countries were locked down simultaneously. The British healthcare system (NHS) was completely paralyzed. Doctors couldn’t access patient files, emergency rooms had to turn ambulances away, and critical surgeries were canceled—all because the hospitals were running unpatched, outdated systems. Total global economic damage was estimated at around $4 billion. The company's negligence cost the public their lives and the wealth they had earned their whole lives.

The Real Root Cause

In all these incidents, do you know the root cause of the attack? It's not just about delaying software updates or not replacing old, antique computers with modern ones; it’s the lack of urgency in digital emergencies or needs. We swipe past the update notification in our phone multiple times, procrastinating to do it on any other day, or just saying, “ Why do I need it, but blame the phone’s company or app if anything goes wrong. We also don’t think twice before clicking any random links online. The accidents of money being stolen from your bank account through online or your software glitching and delaying your work, frustrating you, are not the device’s fault. It’s YOU.

What I Learned the Hard Way

I used to believe cybersecurity has a jargon problem that keeps beginners out — and back when I was new to the field, I lived that belief. I was lost inside this loop of entering a simple concept, coming across a heavy word, researching about its meaning, and now lost where I was in the concept. And then this went on and on and on…But slowly I relied on the whole picture instead of single pieces, then I got it instantly. We don’t put enough effort into comprehending the complexity, take actions on our own digital life, and blame the world and its nuance for it.