Distributed Denial of Service (DDoS)
While Mirai's authentication attack vector was relatively simple, its effect scaled to a Botnet consisting of millions of devices that were used to launch attacks against the internet's DNS system. The partial takedown of DNS left many large internet services companies unable to process normal and legitimate traffic. Mirai's open source code was augmented with new capabilities to compromise IoT devices even without default authentication weaknesses. Known as Reaper (or IoTTroop), this Botnet quietly gained strength, propagating from network to network (for example, by compromising router vulnerabilities) to reach a size sufficient for large-scale attacks. Future Botnets will be used to attack internet core infrastructure, individual corporations, or possibly even governments; it only depends on the self-serving motives of its owner.
See https://krebsonsecurity.com/2017/10/reaper-calm-before-the-iot-security-storm/ and https://research.checkpoint.com/new-iot-botnet-storm-coming/.