Heimdal
article featured image

Contents:

The United Kingdom’s National Cyber Security Centre (NCSC), the government agency leading UK’s cybersecurity mission, will start scanning all the Internet-exposed devices hosted in the UK.

In a statement posted on its official website, the NCSC declared that this operation will help them better understand the country’s vulnerability and security. Also, this will be a good indicator for system owners in assessing their level of security.

The NCSC uses the data we have collected to create an overview of the UK’s exposure to vulnerabilities following their disclosure and track their remediation over time.

Source

What Information Will be Collected?

Any data that a service returns in response to a request will be collected. In the case of servers, this will include the full HTTP response to a valid HTTP request. And in the case of other services, the data collected will include the data sent by the server immediately after a connection has been established or a protocol has been completed.

The time and date, as well as the IP addresses of the source and destination endpoints, will also be recorded.

The governmental agency declared that their requests were designed to collect the smallest amount of technical data required to detect the presence of vulnerabilities in a piece of software.

In the unlikely event that we do discover information that is personal or otherwise sensitive, we take steps to remove the data and prevent it from being captured again in the future.

Source

How Is the Scanning Performed?

To identify the existence of a vulnerability on a system, the NCSC declared that it will need to identify the existence of specific associated protocols or services.

Throughout the process, the agency will interact with the system in the same way a web browser or other client would typically interact with it.

According to BleepingComputer the NCSC will perform its scans using tools hosted in a dedicated cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk, and two IP addresses, 18.171.7.246 and 35.177.10.231

You can opt-out from having the servers you own or maintain scanned by the NCSC by reaching out to scanning@ncsc.gov.uk with a list of the IP addresses you wish to exclude from any future scan activity

If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.

Author Profile

Cristian Neagu

CONTENT EDITOR

linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE