British government is scanning all Internet devices hosted in UK
#1
Written by Sergiu Gatlan

Published: November 4, 2022


The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities.

The goal is to assess UK's vulnerability to cyber-attacks and to help the owners of Internet-connected systems understand their security posture.

"These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact," the agency said.

"The NCSC uses the data we have collected to create an overview of the UK's exposure to vulnerabilities following their disclosure, and track their remediation over time."

NCSC's scans are performed using tools hosted in a dedicated cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk and two IP addresses (18.171.7.246 and 35.177.10.231).

The agency says that all vulnerability probes are tested within its own environment to detect any issues before scanning the UK Internet.

"We're not trying to find vulnerabilities in the UK for some other, nefarious purpose," NCSC technical director Ian Levy explained.

"We're beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we're doing (and why we're doing it)."



How to opt out of vulnerability probes


Data collected from these scans includes any data sent back when connecting to services and web servers, such as the full HTTP responses (including headers).

Requests are designed to harvest the minimum amount of info required to check if the scanned asset is affected by a vulnerability.

If any sensitive or personal data is inadvertently collected, the NCSC says it will "take steps to remove the data and prevent it from being captured again in the future."

British organizations can also opt out of having their servers scanned by the government by emailing a list of IP addresses they want to be excluded at scanning@ncsc.gov.uk.

In January, the cybersecurity agency also started releasing NMAP Scripting Engine scripts to help defenders scan for and remediate vulnerable systems on their networks.

The NCSC plans to release new Nmap scripts only for critical security vulnerabilities it believes to be at the top of threat actors' targeting lists.



-----------------------------------------------------



Note:

The site for this article is unreachable and blocked with an "Error - Access Denied" message.

https://www.bleepingcomputer.com/news/se...ted-in-uk/


The article can be viewed via Internet Archive:

https://web.archive.org/web/202211042206...ted-in-uk/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Why The US Government Should Respect The Privacy Rights Of Non-Americans NIK 13 30,597 Jun 16, 2024, 04:12 am
Last Post: stts2
  Trump signs bill renewing NSA's internet surveillance program nygeek 15 35,019 Jun 14, 2024, 23:51 pm
Last Post: stts2
  The Trump Government Shutdown -- Part 3 Executive 23 46,736 Jun 14, 2024, 22:54 pm
Last Post: stts2
  Czechia: Thousands of protesters demand government dismissal in Prague Resurgence 0 6,611 Nov 18, 2022, 14:19 pm
Last Post: Resurgence
  Who controls the internet? - A look at diversity of authoritative NS records in gTLDs Resurgence 0 6,442 Nov 17, 2022, 13:27 pm
Last Post: Resurgence



Users browsing this thread: 1 Guest(s)