World’s Scariest Search Engine, Shodan, Reveals Security Flaws Of Connected Devices

It could well be the world’s scariest search engine: this site can hack anything connected to the internet, and it already has. “When people don’t see stuff on Google, they think no one can find it. That’s not true,” said John Matherly, creator of Shodan, which is being dubbed the scariest search engine on the internet, according to a report by CNNMoney.

Unlike Google, which crawls the web looking for websites, Shodan navigates the internet’s back channels. It’s sort of a dark “Google,” according to CNNMoney: it searches for servers, webcams, printers, routers and all the other stuff that is connected to and makes up the internet.

Shodan runs all day, 24/7, and collects information from 500 million connected devices and services every month.

It’s bizarre what people can find on Shodan. There are many traffic lights, security cameras, home automation devices and heating systems that are all connected to the Internet and easy to identify.

Researchers at Shodan have found control systems for a water park, a gas station, a hotel wine cooler and even a crematorium. Cybersecurity researchers have even used the search engine to locate command and control systems for nuclear power plants and a particle-accelerating cyclotron.

What is remarkable about Shodan is its ability to find and discover all of these, and that is also what makes it very scary. Very few of the devices that Shodan taps into have security built into them. Most of them are easily accessible online and even use default passwords.

HD Moore, chief security officer of Rapid7, who runs a private version of a database similar to Shodan’s for his own research purposes, said, “You can log into just about half of the Internet with a default password. It’s a massive security failure.”

A quick search for “default password” will show countless printers, servers and system control devices that use “admin” as their username and “1234” as their password. Many more connected systems require no log-ins at all. A web browser is all that’s needed to access all of them.

Many of these devices shouldn’t be online. Companies will often purchase systems that enable them to control a heating system with a computer. The problem of unparalleled access to the heating system begins when they devise a way to connect the computer to it. Instead of creating a secure network to connect the two systems directly, they plug both into a web server. This unnecessarily, and at great risk, shares access with the rest of the world.

Matherly said of these devices, “They don’t belong to the Internet in the first place.”

Shodan, however, is being used for good. Penetration testers, security professionals, academic researchers and law enforcement agencies are the primary users of the site. They all use the “world’s scariest search engine” to alleviate and prevent the fear of cyber attacks.

Many of these security professionals aim to prevent undesirable scenarios from happening by identifying unsecured connected devices and services using Shodan. They then alert companies or organizations operating them that they are vulnerable.
