Shodan: Called the "Dark" Google & The Scariest Search Engine on the Web

"When people don't see stuff on Google, they think no one can find it. That's not true", says to John Matherly, creator of Shodan, the scariest search engine on the Internet.

Google is most people's main tool for searching the Internet, but some don't stop there. Shodan navigates the Internet's back channels and is a kind of "dark" Google, looking for the servers, webcams, printers, routers and all the other stuff that is connected to and makes up the Internet.

Countless traffic lights, security cameras, home automation devices and heating systems are connected to the Internet and easy to spot on Shodan, and it's amazing what you can find there. Shodan searchers have found control systems for a gas station, a water park and a crematorium, among others. More serious users, such as cybersecurity researchers, have even located command and control systems for nuclear power plants and a particle-accelerating cyclotron by using Shodan. What you learn is that very few of those devices have any kind of security built into them.

"You can log into just about half of the Internet with a default password," said HD Moore, chief security officer of Rapid 7, who operates a private version of a Shodan-like database for his own research purposes. "It's a massive security failure."

A quick search for "default password" reveals countless printers, servers and system control devices that use "admin" as their user name and "1234" as their password. Many more connected systems require no credentials at all -- all you need is a Web browser to connect to them.

"You could really do some serious damage with this," Tentler said, in an understatement.

The positive side is that Shodan is almost exclusively used for good. Matherly, who created Shodan over years ago as a pet project, has limited searches to just 10 results without an account, and 50 with an account. A payment and more information are required for more access.

Security professionals, academic researchers, penetration testers and law enforcement agencies are the primary users of Shodan. Bad guys may use it, Matherly admits, but he added that cybercriminals typically have access to botnets, which are large collections of infected computers, and can achieve the same task without detection.

Up until now, most cyberattacks have focused on stealing money and intellectual property.