The majority of people affected by this cyber threat would not know how to configure a router, and unlikely to even be aware of the threat or take action if they did know. What should the IT industry do about this? I would expect ISPs to determine if their customers are at risk (for example, Virgin Media use Netgear routers) and start an appropriate education program. There is so much to be learnt from other industries and although car manufacturers are not currently seen as a beacon of good practice, whenever a problem occurs with their vehicles, they are required by law to contact their customers and put in place a remediation plan. Who should be promoting this for the benefit of all internet users? Governments or the industry?