• 520
    link
    fedilink
    2
    edit-2
    9 months ago

    So if we’re not talking about ISPs sending this out, then the reason that remote access gets turned on by default is incase the company sysadmin couldn’t physically get to the device, and they assumed the company had a firewall.

    Companies almost always prioritise OOTB setup and operationality over security when it comes to defaults.

    • Encrypt-Keeper
      link
      fedilink
      English
      1
      edit-2
      9 months ago

      They likely weren’t enabled by default at all. Because that’s generally not how company IT departments even remote manage these things. And the affected devices are the firewalls.

      Remote administration was turned on manually, by the owners of these devices, because they didn’t know what they were doing.