This document discusses common security issues seen in critical infrastructure networks that can enable basic persistent threats. It notes that default passwords, lack of network segmentation, open remote access ports, unrestricted trust relationships, and other issues are often exploited by attackers to compromise these networks. The document provides examples of specific incidents where critical infrastructure networks were hacked by exploiting these basic vulnerabilities.