Internet service providers (ISPs) are being criticized for distributing routers that are known for having security vulnerabilities that leave users vulnerable. A whopping 14 supplier provided ADSL routers that have firmware released in 2007 or newer, so hackers are able to gain overwhelming control of home networks.
Up to 80 million devices that are used in households and small offices can be compromised simply because new users don't bother to change default passwords - and it's even easier to find Internet-exposed routers. In addition to Internet scans, some websites are known for publishing which devices are vulnerable to outside tampering.
"Wide swathes of IP space are being made vulnerable through ISPs in developing countries distributing routers with default passwords that can be easily found on the Internet," said Kyle Lovett, Cisco consultant, while speaking at CrestCon & IISP Congress 2015.