I can't help thinking this is a post-bolt attempt to shut stable doors.
Assuming these login attempts aren't from white hats it means that insecure stuff is out in the field in sufficient numbers that not only have criminals discovered the weaknesses but have concluded that it's worth attacking. If the manufacturers patch it in future production that's at least something but unless the installed base gets patched the problem isn't being dealt with.
The root problem is that insecure stuff gets marketed in the first place. We need enforced standards comparable to those regulating other hazards, e.g. chemical and electrical. What's more likely is that the current crop of trade negotiations - which ought to incorporate this - would enable manufacturers to sue governments that tried to introduce such regulation.
In the meantime, given that the problem exists there should be mitigation. One approach would be for manufacturers to take responsibility for the stuff out there by scanning for it and using the same open doors to patch it, removing any unauthorised S/W that's been installed and closing the doors for good. That's likely to be a race as any criminal takeover has probably changed default passwords already.
Another would be to draw up lists of such installations by ISP and pressure the ISPs to liaise with their customers, the pressure being that ISPs who don't cooperate get disconnected from the net and customers who don't respond to the ISP get disconnected from the ISP. This might be draconian but with the current state of affairs draconian is what's needed.