If you have no record (even if it is short, in this case 24 hours) of when someone accessed your services, nothing is stopping someone from abusing your infrastructure by constantly sending requests non-stop.
How are you supposed to know if someone is accessing the site for the first time in the day, or the thousandth time in the span of a minute if you can’t keep logs?
Not always, depends on what repository the package is. Still waiting for Ubuntu to patch issues that allows for remote execution of code on 18.04.