Moore’s census involved regularly sending simple, automated messages to each one of the 3.7 billion IP addresses assigned to devices connected to the Internet around the world (Google, in contrast, collects information offered publicly by websites). Many of the two terabytes (2,000 gigabytes) worth of replies Moore received from 310 million IPs indicated that they came from devices vulnerable to well-known flaws, or configured in a way that could to let anyone take control of them.
On Tuesday, Moore published results on a particularly troubling segment of those vulnerable devices: ones that appear to be used for business and industrial systems. Over 114,000 of those control connections were logged as being on the Internet with known security flaws. Many could be accessed using default passwords and 13,000 offered direct access through a command prompt without a password at all.
Those vulnerable accounts offer attackers significant opportunities, says Moore, including rebooting company servers and IT systems, accessing medical device logs and customer data, and even gaining access to industrial control systems at factories or power infrastructure. Moore’s latest findings were aided by a similar dataset published by an anonymous hacker last month, gathered by compromising 420,000 pieces of network hardware.