Attack Surface Management , Endpoint Security , Internet of Things Security

UK NCSC Says Friendly Spooks Scanning British Internet

Effort Cataloging Vulnerable Systems to Aid Remediation; Includes Privacy Controls
UK NCSC Says Friendly Spooks Scanning British Internet
A Oct. 12, 2022, network map of the internet (Image: Barrett Lyon / The Opte Project)

U.K. intelligence officials say a new project that is scanning the British internet for vulnerable systems is part of an effort to boost national levels of cybersecurity.

See Also: Live Webinar | How To Meet Your Zero Trust Goals Through Advanced Endpoint Strategies

The National Cyber Security Centre - a public-facing component of signals intelligence agency Government Communications Headquarters - disclosed the scanning project in a Tuesday blog post.

"We're not trying to find vulnerabilities in the U.K. for some other, nefarious purpose. We're beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we're doing," wrote Ian Levy, NCSC technical director.

The project will scan networked systems throughout the United Kingdom at regular intervals to detect vulnerabilities. The idea is to collect data to quantify risk exposure and respond to shocks such as a widely exploited zero-day vulnerability.

The NCSC says it will use cloud-hosted tools that connect to IP addresses assigned to scanner.scanning.service.ncsc.gov.uk. Specifically, 18.171.7.246 and 35.177.10.231.

To address the privacy concerns, the NCSC says it will avoid collecting personal information. Data collected from the users will include HTTP response including headers from web servers. For other services, it will hold on to "data that is sent by the server immediately after a connection has been established or a valid protocol handshake."

Network administrators can opt-out by emailing their IP address to the agency, it says.

Scanning the internet for vulnerabilities, of course, is hardly an original activity. Hackers and cybersecurity companies have silently being doing so for decades. In 2014, cybersecurity researcher Rob Graham unveiled a tool he dubbed masscan capable of scanning the entire internet within minutes.

"The internet is pretty small, it's only 4 billion addresses," he told attendees at the Def Con conference in Las Vegas at the time. "You will find hackable systems within minutes."


About the Author

Akshaya Asokan

Akshaya Asokan

Consultant Editor, ISMG

Asokan is a consultant editor for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.