UK NCSC govt agency is scanning the Internet for flawed devices in the UK

Pierluigi Paganini November 07, 2022

The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities.

The United Kingdom’s National Cyber Security Centre (NCSC) is scanning all Internet-exposed devices hosted in the United Kingdom for vulnerabilities.

The UK agency aims at secure these devices reporting the discovered vulnerabilities to their owners.

“As part of the NCSC’s mission to make the UK the safest place to live and do business online, we are building a data-driven view of “the vulnerability of the UK”. ” reads the post published by the Agency.

“These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact,” the agency said.

“These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact. The NCSC uses the data we have collected to create an overview of the UK’s exposure to vulnerabilities following their disclosure, and track their remediation over time.”

The agency pointed out that is scanning the Internet using standard and freely available network tools running within a dedicated cloud-hosted environment. The probes are launched by the two IP addresses:

  • 18.171.7.246
  • 35.177.10.231

assigned to the from scanner.scanning.service.ncsc.gov.uk domain.

The experts of the National Cyber Security Centre collect and store any data that a service returns in response to a request. The agency states that the requests collect the smallest amount of technical information required for the purpose. The requests are also crafted to limit the amount of personal data within the response, NCSC explained that it doesn’t store personal or otherwise sensitive.

The scans are conducted in a safe manner, the agency tested them in its own environment before use.

“Most cyber security companies silently run internet scans similar to the ones we’re talking about. But the NCSC is part of an intelligence agency, so I think we need to be a bit more open about our scanning.” states the agency. “We’re not trying to find vulnerabilities in the UK for some other, nefarious purpose. We’re beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we’re doing (and why we’re doing it).”

UK organizations can also opt out of having their servers that they own or maintain being scanned by emailing a list of IP addresses they wish to be excluded at [email protected].

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, National Cyber Security Centre)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment