The UK’s National Cyber Security Centre (NCSC) has confirmed it is scanning all of the nation’s internet-connected servers for any possible vulnerabilities in order to assess where the country lies in terms of its cybersecurity credentials.
The NCSC is running the scanning tools on a cloud-based system, and the scans will come from the domain scanner.scanning.service.ncsc.gov.uk. It will run scans that “will slowly increase [in] complexity,” similar to those commonly undertaken by cybersecurity companies.
The agency’s technical director, Dr. Ian Levy, stated the importance of having reliable data to make informed decisions about cybersecurity. He referenced the Microsoft Exchange vulnerability that went public in March 2021, and the information the NCSC gleaned from the incident, as part of the justification for carrying out nationwide scans, noting that “understanding the risk to the UK from different vulnerability types, accessible over different vectors in a timely manner, requires a dedicated capability.”
Sensitivity and transparency
The NCSC says it is collecting only the bare minimum of user data needed to check for vulnerabilities, which includes full web address data as well as “the time and date of the request and the IP addresses of the source and destination endpoints”.
It is also promising that personal data collected by mistake will be removed and prohibited from being swept up in future scans. “We’re not trying to find vulnerabilities in the UK for some other, nefarious purpose”, stated Dr. Levy.
The NCSC also claims that it will be as transparent as possible with its processes. It aims to “publicly explain the purpose and scope of the scanning system”, as well as audit its activity so that any reports of misconduct resulting from the scans can be dealt with effectively.
People can also opt out of having servers that they own scanned by emailing [email protected] with a list of IP addresses that they want excluded.