Supposing that they, y’know, try to keep their setups secure anyway. With how much you see about breaches of different sites, it’s hard to imagine individuals and smaller groups being able to keep their stuff secure.
Although, they may also benefit from being lower value targets in some respects, I suppose?
Reading the logs for the incoming connection attempts of a fresh machine should be mandatory for everybody that wants to get a box online. It’s enlightening.
And it already was scary twenty years ago.