U.K. government scans all internet devices hosted in the country for bugs

Share post:

The United Kingdom’s National Cyber Security Centre (NCSC), the government agency leading the country’s cybersecurity mission, has launched a program to scan all internet-connected devices for known vulnerabilities to assess how well their organizations are prepared for a potential cyberattack.

The government agency has specified a specific domain and IP address from which all scan requests will originate, and the data will be logged for device and bug information each time. This information will be used to analyze and understand their defense capabilities. The agency also intends to secure these devices and notify their owners of vulnerabilities discovered.

The primary goal of this program is to collect data on how well their local businesses are protected. According to the agency, these scans are similar to the detection of vulnerabilities by private cybersecurity companies and become more complex over time, which would allow the agency to provide further information at the CYBERUK conference scheduled for April next year.

As the source of the scan requests, the authority cited their IP addresses – 18.171.7.246 and 35.177.10.231, as well as the domain – scanner.scanning.service.ncsc.gov.uk – as the source of the scanning requests.

As we prepare for mass scanning, anyone can email the agency at scanning @ncsc.gov.uk to request that certain IP addresses be excluded from scanning.

“As part of the NCSC’s mission to make the UK the safest place to live and do business online, we are building a data-driven view of ‘the vulnerability of the UK’.” reads the post published by the Agency.

“These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact. The NCSC uses the data we have collected to create an overview of the UK’s exposure to vulnerabilities following their disclosure and track their remediation over time.”

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Sleeper Supply Chain Attack Activates After 6 Years

A coordinated supply chain attack has compromised between 500 and 1,000 e-commerce websites by exploiting vulnerabilities in 21...

Russian-Controlled Open Source Tool Raises Alarms Over U.S. Cybersecurity

A widely used open-source Go library, easyjson, used in healthcare, finance and even defence has come under scrutiny...

Signal Archiving Tool Used By Trump Admin Is Breached, Raising Alarms Over Messaging Security (EDITORIAL)

(EDITORIAL) A messaging tool used by Trump administration officials to archive encrypted Signal messages has been hacked —...

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways