A remarkable story came out of Canada this month, the kind that sounds like a spy thriller but carries a very practical warning for ordinary businesses. A newly unsealed court ruling revealed that Canada’s intelligence service was granted a judge’s permission to do something it had never done before: reach out across the internet and remotely clean malicious software off of private devices sitting in homes and businesses across the country. Routers, security cameras, smart doorbells, televisions, and other everyday internet-connected gadgets had been quietly hijacked by foreign attackers, and the threat was deemed serious enough that a court allowed the government to step in and disinfect people’s hardware for them.
Sit with that for a second. The situation was judged so dangerous that a government took the extraordinary step of reaching into private devices to clean them. But the most important detail for a business owner is not the dramatic government operation. It is the quiet, uncomfortable truth underneath it: all of those devices were compromised in the first place because they were the gear nobody was looking after. And a government cleanup, as we will see, does not actually fix that underlying problem.
What a botnet is, in plain terms
The hijacked devices had been pulled into what is called a botnet — and the idea is simpler than the name suggests. Attackers quietly take over thousands of ordinary internet-connected devices around the world and link them together into a single network they secretly control. Each individual owner has no idea their router or camera is part of it. The device keeps working normally, so nothing seems wrong. But in the background, it is now a tiny soldier in someone else’s army, and the attackers use that army to disguise their activity, route their attacks through innocent people’s hardware, and probe for bigger targets.
That is why your business’s hardware is valuable to an attacker even if you think you have nothing worth stealing. They may not want your data at all. They may simply want to quietly borrow your router or your camera as one more anonymous relay point in their network — one more device making their crimes look like they are coming from an ordinary business in your town instead of from them. Your overlooked equipment becomes a tool used against someone else, and against your own reputation, without you ever knowing.
The devices nobody is watching
The single most useful lesson from this whole episode is what kind of devices get hijacked. It is almost never the computers people use every day and keep updated. It is the forgotten hardware — the gear that gets installed once and then runs in a corner for years, untouched and unconsidered. The router that has not been updated since the day it was plugged in. The security camera system with the password it shipped with. The smart TV in the break room. The internet-connected gadget someone added two years ago and nobody has thought about since. These devices are perfect targets precisely because they are invisible to the people who own them. No one updates them, no one checks them, and no one would notice if they started misbehaving.
Every small business has a collection of this kind of hardware, and almost no owner could produce a complete list of it. The router in the closet, the cameras watching the parking lot, the network device the last technician installed, the smart thermostat, the connected printer, the point-of-sale gear — each one is a small computer connected to your network and to the internet, and each one needs the same care and updating that an actual computer does. The trouble is that nobody ever assigned anyone to care for them. They just quietly run, year after year, slowly falling further out of date, until one day they are exactly the kind of soft, forgotten target an attacker is looking for.
Why a cleanup doesn’t fix the real problem
Here is the part of the Canadian story that matters most, and it is easy to miss. Even after the malicious software was scrubbed off those devices, the weakness that let it in was still there. The cleanup removed the symptom, not the cause. An old device with an outdated security hole or a default password is still an old device with that same hole the moment the cleanup is done — and it can simply be infected all over again. In fact, something as ordinary as restarting one of those devices could undo the fix entirely. The government could disinfect the hardware, but it could not make the hardware safe. That part — retiring the equipment that is too old to be secured, and properly locking down the equipment that stays — is a job that falls to the owner, and to no one else.
That is the real, durable lesson hiding inside the spy-thriller headline. You cannot count on a dramatic rescue. There will be no court order and no intelligence agency riding in to clean the forgotten router in your back closet. The responsibility for knowing what is connected to your network, keeping it current, replacing what has aged out, and locking down what remains is yours — and in the average busy small business, it is precisely the responsibility that no one is actually carrying.
Someone has to be minding the hardware
This is exactly the gap that proper, ongoing IT management is meant to fill, and it is the part most small businesses skip because nothing has forced the issue yet. Knowing every device connected to your network. Keeping them updated, the way you would never let the locks on your building rust shut. Recognizing when a piece of equipment has reached the end of its safe life and needs to be retired rather than nursed along. Making sure nothing is still running on the password it came with. It is unglamorous, invisible work — the kind that quietly prevents the disaster you never end up having to read about, because it never happened to you.
That is what we do for the businesses we look after: we take ownership of the whole picture, including the forgotten gear in the closet that everyone else ignores, so your hardware is something working for you rather than a quiet liability working for someone else. The Canadian government had to get a court order to clean up devices their owners did not even know were compromised. The far better outcome is to never become one of those devices in the first place. If you cannot say, right now, exactly what is connected to your network and whether it is still safe to be there, that is the gap worth closing — before someone else finds it first.
Sources: The Hacker News; The Canadian Press; Federal Court of Canada ruling, June 2026.
