British Experts Scan All Devices in the Country Looking for Vulnerabilities

The UK’s National Cyber Security Center (NCSC) said its experts regularly scan all internet-accessible devices in the country to detect vulnerabilities.

Let me remind you that we also wrote that the FBI and NSA release a statement about attacks by Russian hackers, and also that Hackers scan network for vulnerable Microsoft Exchange servers.

The purpose of the NCSC is to assess the UK’s vulnerability to cyberattacks, as well as to help owners of Internet-connected devices assess their security.

These actions cover any Internet-accessible systems hosted in the UK, as well as vulnerabilities that are widespread or especially important due to the high degree of risk. The NCSC is using the collected data to create an overview of the UK’s exposure to vulnerabilities once they are disclosed, and to track their remediation over time.the official statement says.

It is reported that scanning is carried out using tools hosted in a dedicated cloud environment at scanner.scanning.service.ncsc.gov.uk, from two IP addresses (18.171.7.246 and 35.177.10.231). It is emphasized that before scanning the British Internet, all vulnerability scanners are pre-tested in the NCSC’s own environment to identify any possible problems.

Ian Levy
Ian Levy
We are not trying to find vulnerabilities in the UK for any other nefarious purpose. We start with a simple scan and will gradually increase the complexity, explaining what we are doing (and why we are doing it).explains NCSC CTO Ian Levy.

The information collected during these scans includes any data that may be transmitted in response to connecting to various services and web servers, such as full HTTP responses (including headers). NCSC queries are designed to collect the minimum amount of information needed to test for vulnerabilities.

If any sensitive or personal data is collected during the scans, NCSC assures that it will “take steps to delete the data and prevent it from being collected again in the future.

Also, UK organizations can opt out of having their servers scanned by emailing the authorities a list of IP addresses they wish to exclude.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *