Jump to content
  • British govt is scanning all Internet devices hosted in UK

    alf9872000

    • 1 comment
    • 514 views
    • 2 minutes
     Share


    • 1 comment
    • 514 views
    • 2 minutes

    The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities.

     

    The goal is to assess UK's vulnerability to cyber-attacks and to help the owners of Internet-connected systems understand their security posture.

     

    "These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact," the agency said.

     

    "The NCSC uses the data we have collected to create an overview of the UK's exposure to vulnerabilities following their disclosure, and track their remediation over time."

     

    NCSC's scans are performed using tools hosted in a dedicated cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk and two IP addresses (18.171.7.246 and 35.177.10.231).

     

    The agency says that all vulnerability probes are tested within its own environment to detect any issues before scanning the UK Internet.

     

    "We're not trying to find vulnerabilities in the UK for some other, nefarious purpose," NCSC technical director Ian Levy explained.

     

    "We're beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we're doing (and why we're doing it)."

    How to opt out of vulnerability probes

    Data collected from these scans includes any data sent back when connecting to services and web servers, such as the full HTTP responses (including headers).

     

    Requests are designed to harvest the minimum amount of info required to check if the scanned asset is affected by a vulnerability.

     

    If any sensitive or personal data is inadvertently collected, the NCSC says it will "take steps to remove the data and prevent it from being captured again in the future."

     

    British organizations can also opt out of having their servers scanned by the government by emailing a list of IP addresses they want to be excluded at [email protected].

     

    In January, the cybersecurity agency also started releasing NMAP Scripting Engine scripts to help defenders scan for and remediate vulnerable systems on their networks.

     

    The NCSC plans to release new Nmap scripts only for critical security vulnerabilities it believes to be at the top of threat actors' targeting lists.

     

    Source

    • Like 2
    • Thanks 1

    User Feedback

    Recommended Comments

    Quote

    British organizations can also opt out of having their servers scanned by the government by emailing a list of IP addresses they want to be excluded at [email protected].

    ...which will be handed over to the NSA for even more thorough 'scanning' 📡🕵️‍♂️🤣

    Edited by Mutton
    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...