The United Kingdom’s National Cyber Security Centre (NCSC), the government agency leading the country’s cybersecurity mission, has launched a program to scan all internet-connected devices for known vulnerabilities to assess how well their organizations are prepared for a potential cyberattack.
The government agency has specified a specific domain and IP address from which all scan requests will originate, and the data will be logged for device and bug information each time. This information will be used to analyze and understand their defense capabilities. The agency also intends to secure these devices and notify their owners of vulnerabilities discovered.
The primary goal of this program is to collect data on how well their local businesses are protected. According to the agency, these scans are similar to the detection of vulnerabilities by private cybersecurity companies and become more complex over time, which would allow the agency to provide further information at the CYBERUK conference scheduled for April next year.
As the source of the scan requests, the authority cited their IP addresses – 220.127.116.11 and 18.104.22.168, as well as the domain – scanner.scanning.service.ncsc.gov.uk – as the source of the scanning requests.
As we prepare for mass scanning, anyone can email the agency at scanning @ncsc.gov.uk to request that certain IP addresses be excluded from scanning.
“As part of the NCSC’s mission to make the UK the safest place to live and do business online, we are building a data-driven view of ‘the vulnerability of the UK’.” reads the post published by the Agency.
“These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact. The NCSC uses the data we have collected to create an overview of the UK’s exposure to vulnerabilities following their disclosure and track their remediation over time.”
The sources for this piece include an article in BleepingComputer.