US warns Iranian terrorist crew broke into 'multiple' US water facilities

That's pretty much criminal negligence, it appears.

So you're telling me password isn't a secure password?

who would ever have guessed... ***goes and changes to 'Password1' as no one will guess that***

Uh huh.

we have seen no access to operational systems at these water facilities, nor have we seen any impact to the provision of safe drinking water

Also

At this time, it appears that Cyberav3ngers is the only gang targeting Israel-made gear in US critical infrastructure facilities

"Have seen no access" and "appears" are not the most confidence-inspiring phrases in this context.

This information is a sad example of the lackadaisical attitude that has been and still is prevalent with utility companies in the USA, UK and most if not all of Europe. Back in 2009, a colleague of mine and I met with a scientist from EPRI in San Francisco. He confirmed then that there was no meaningful cyber security protection from power generation right through to the distribution network. As far as I am aware, little if anything had changed and this weakness across the water, gas and oil, electricity and most organizations is still evident. It can't be a lack of potential applications to combat exploits. It has to be a lack of action, effort and will on behalf of the management of these companies. Bombs and other destructive devices are no longer needed to paralyze a nation. Coordinated Zero Day attacks on all of them would bring any nation to its knees without a shot being fired. When will they learn? Perhaps we will hear this well-worn phrase after an attack "lessons must be learned" - but then it may be too late.

Iranians? Terrorists?

Oh dear, my government's at it again. It never loses a beat associating words like 'terrorist' with some country it doesn't like like 'Iran'. All its really doing by underestimating the intelligence of its population is lowering its credibility. (...assuming it could get any lower, that is)

US foreign policy is made by career functionaries who often have a bee in their bonnet about particular countries. They drive policy and propaganda and often are so off base these days that we must look rather pathetic to the rest of the world. The trouble is that these people drag us -- the country and we, the people -- into their own personal vendettas so instead of being able to live with a country (which doesn't necessarily mean "agree with", note) we get dragged into all sorts of foreign adventures, most, if not all, turn out badly for us as a nation and really badly for the locals. (Except that 'the rest of the world' is now big enough to stand on its own two feet -- we can stomp on a small island for 60 years or so and they just have to put up with it; doing the same for someone a bit bigger like Iran is not at all effective and doing it to someone that's really big like China is just going to get our foot mangled.)

Once more idiocy of using the internet, aka, the bunch of holes connected with string, for confidential, proprietary, business critical data is proven. The decision to do this is driven not by efficiency or technology but rather by the bean counters who are more concerned with hitting the quarters' numbers than protecting their businesses or customers.