Who has their router set to allow access to the admin interface from the wan side?
Me. I use Tomato so that I can log in remotely from work and then use WoL to boot my computer, server and NAS remotely in order to access any files I might need, but it still allows me to shut my machines down when not needed in order to keep my electricity bill low.
I do, however, use an 18-digit password that uses mixed case, numbers and special characters to make the likelihood of a brute-force attack being successful almost nil. I also regularly change my passwords, which I know (having been in the IT field for 10 years) most people do not.
It all comes down to using tried and true security practices in my opinion. If you use simple common sense you can avoid most of these issues outright.
1) Use long passwords with mixed case, numbers and special characters.
2) Change those passwords regularly.
3) Do not use the same password for different site logins.
4) Keep your router firmware up to date (though that would not have helped in this particular case apparently).
5) I would also add that you stay away from installing applications not obtained directly from the software vendor that wrote them (read: warez). You have no idea what that copy of Windows XP Super-Ultimate Gold might be installing in addition.
6) Stay away from websites that are heavily laden with nefarious advertising such as porn, etc.
Common sense really.
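The post's argument for exposing the admin interface rests on the claim that an 18-character, four-class password makes blind brute force impractical. The following added example (not from the post or the Tomato project) puts numbers on that claim: it classifies which character classes a password uses, computes the resulting keyspace and entropy, and estimates the time to exhaust the keyspace at assumed guess rates. The sample passwords and the guess rates are constructed assumptions; a real WAN-facing login is also rate-limited by the router, which this model deliberately ignores so that it shows the worst case.

```python
import math
import string

# Character classes an attacker must include in the search once any member
# of that class appears in the password (standard keyspace model).
CHAR_CLASSES = {
    "lower": set(string.ascii_lowercase),   # 26
    "upper": set(string.ascii_uppercase),   # 26
    "digit": set(string.digits),            # 10
    "special": set(string.punctuation),     # 32
}

# Constructed sample passwords (assumptions, not values from the post).
# "long_mixed" mirrors the poster's description: 18 chars, four classes.
SAMPLE_PASSWORDS = {
    "short_lower": "password",
    "short_mixed": "Pa55w0rd!",
    "long_mixed": "Kq7#mZ2p!Vw9$Lr4Xy",
}

# Assumed online guess rates (guesses per second). An exposed web admin
# interface realistically sustains far less than the higher figure; the
# figures bracket "slow online" and "fast online, no rate limiting".
ASSUMED_RATES = {"online_slow": 10.0, "online_fast": 1e4}

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def charset_size(password: str) -> int:
    """Size of the alphabet an exhaustive attacker must search for this password."""
    size = 0
    for members in CHAR_CLASSES.values():
        if any(ch in members for ch in password):
            size += len(members)
    if size == 0:
        raise ValueError("password contains no characters from a known class")
    return size


def keyspace(password: str) -> int:
    """Number of candidates of the same length drawn from the same classes."""
    return charset_size(password) ** len(password)


def entropy_bits(password: str) -> float:
    """Keyspace expressed in bits: length * log2(alphabet size)."""
    return len(password) * math.log2(charset_size(password))


def years_to_exhaust(password: str, guesses_per_second: float) -> float:
    """Worst-case years to try every candidate at the given guess rate."""
    return keyspace(password) / guesses_per_second / SECONDS_PER_YEAR


def report(passwords: dict, rates: dict) -> list:
    """Build one row per password: classes used, bits, and years per rate."""
    rows = []
    for label, pw in passwords.items():
        row = {
            "label": label,
            "length": len(pw),
            "alphabet": charset_size(pw),
            "bits": round(entropy_bits(pw), 1),
        }
        for rate_name, rate in rates.items():
            row[rate_name] = years_to_exhaust(pw, rate)
        rows.append(row)
    return rows


if __name__ == "__main__":
    for row in report(SAMPLE_PASSWORDS, ASSUMED_RATES):
        print(
            f"{row['label']:<12} len={row['length']:>2} alphabet={row['alphabet']:>2} "
            f"bits={row['bits']:>6} "
            f"slow={row['online_slow']:.2e}y fast={row['online_fast']:.2e}y"
        )
```

The model only covers blind enumeration. It says nothing about a password that appears in a breach list or is reused across sites, which is why item 3 in the list above (never reuse a password) matters independently of length: an attacker replaying a leaked credential needs one guess, not 94^18.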