The alert says that water operators are employing poor security standards that have allowed the hackers to breach their networks, including the use of default passwords that are included when the water system management tools are first installed.