Yesterday, there was a major DDOS attack from over 500,000 devices that grinded many websites to a halt. The saddest part about this story was how simple of a script that imparted so much damage.
All one needs to do is set up a script (see below) that will enable a bot to search and establish an unencrypted connection of Telecom devices. If they got a response, they would try to login with this list 60 of combination of usernames and passwords:
They then used these 500,000 devices to overwhelm the servers.