Indirect routes
Those claiming that it's too difficult to break through firewalls - the average consumer 'firewall' is a NAT device (with various degrees of vunerability) plus a badly configured software packet inspector on the users machine.
In any case, there are alternate ways around a firewall. Go in via a browser exploit - and use that to plant backdoors on various devices, that's not too far fetched, even/especially in the average corporation with an overworked IT department and a scheduled set of OS/software updates that are always later than you'd get them in the consumer world - due to the need for verification.