SecurityScorecard Driftnet Engine Surveillance Report

This report details the findings of SecurityScorecard's research utilizing the Driftnet engine to analyze a small U.S. municipal utility network. The investigation uncovered significant vulnerabilities, including exposed Industrial Control Systems (ICS), weak encryption configurations, and the presence of banned surveillance equipment from Dahua and Hikvision. The research highlights the convergence of utility and internet services within the same operational environment, which creates a concentrated point of failure. Over a six-month period, Driftnet identified 1,498 services across 692 IP addresses, revealing that 446 IPs (64%) exhibited at least one technical issue that increased exposure risk. The report emphasizes the lack of segmentation between consumer-grade devices and critical infrastructure systems, which raises the likelihood of lateral movement towards operational technologies. It also discusses the implications of these vulnerabilities for community safety and infrastructure integrity, noting that such exposure is not unique to this town but indicative of broader systemic issues.