The United Kingdom’s National Cyber Security Centre (NCSC) is scanning all Internet-exposed devices hosted in the United Kingdom for vulnerabilities.
The UK agency aims to secure these devices by reporting the discovered vulnerabilities to their owners.
“As part of the NCSC’s mission to make the UK the safest place to live and do business online, we are building a data-driven view of ‘the vulnerability of the UK’,” reads the post published by the agency.
“These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact. The NCSC uses the data we have collected to create an overview of the UK’s exposure to vulnerabilities following their disclosure, and track their remediation over time.”
The agency pointed out that it is scanning the Internet using standard and freely available network tools running within a dedicated cloud-hosted environment. The probes are launched from two IP addresses assigned to the scanner.scanning.service.ncsc.gov.uk domain.
The experts of the National Cyber Security Centre collect and store any data that a service returns in response to a request. The agency states that the requests collect the smallest amount of technical information required for the purpose. The requests are also crafted to limit the amount of personal data within the response; the NCSC explained that it doesn’t store personal or otherwise sensitive data.
The scans are conducted in a safe manner; the agency tested them in its own environment before use.
“Most cyber security companies silently run internet scans similar to the ones we’re talking about. But the NCSC is part of an intelligence agency, so I think we need to be a bit more open about our scanning,” states the agency. “We’re not trying to find vulnerabilities in the UK for some other, nefarious purpose. We’re beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we’re doing (and why we’re doing it).”
UK organizations can also opt out of having servers that they own or maintain scanned by emailing a list of the IP addresses they wish to be excluded to email@example.com.
(SecurityAffairs – hacking, National Cyber Security Centre)