The UK’s National Cyber Security Centre (NCSC) has confirmed that it scans all internet-connected servers in the UK for security vulnerabilities, in order to assess the country’s overall cybersecurity posture.
NCSC uses a cloud-based system to run its scanning tools, and the scans will come from the scan.scanning.service.ncsc.gov.uk domain. It will start with scans that will “slowly increase [in] complexity”, similar to what cybersecurity companies commonly carry out.
The agency’s technical director, Dr. Ian Levy, stressed the importance of having reliable data in order to make informed cybersecurity decisions. He cited the Microsoft Exchange vulnerability that went public in March 2021, and the information NCSC gathered from that incident, as part of the rationale for carrying out nationwide scans, noting that “understanding the risks to the UK from the different types of vulnerabilities available over different vectors at the right time, requires a dedicated function.”
Tenderness and clarity
NCSC says it collects only the minimum user data needed to check for vulnerabilities, which includes complete Internet address details as well as the “request time and date, and source and target endpoint IP addresses”.
It also promises that any personal information collected by mistake will be deleted, and that steps will be taken to prevent it from being collected in future scans. “We are not trying to find loopholes in Britain for some other nefarious purpose,” said Dr. Levy.
NCSC also says it will be as transparent as possible about its processes. Its aim is to “publicly explain the purpose and scope of the scanning system” and to audit its operation, so that any reports of misconduct resulting from scanning can be dealt with effectively.
Server owners can also opt out of scanning by sending an email to scan@ncsc.gov.uk with a list of the IP addresses they want excluded.