December 8, 2022
Attack Surface Management , Endpoint Security , Internet of Things Security Akshaya Asokan (asokan_akshaya) • November 3, 2022     A Oct. 12, 2022 network map of the internet (Image: Barrett Lyon / The Opte Project) The U.K. intelligence agency says a new project scanning the British internet for vulnerable systems is just a case…

Attack Surface Management , Endpoint Security , Internet of Things Security

Akshaya Asokan (asokan_akshaya) • November 3, 2022     A Oct. 12, 2022 network map of the internet (Image: Barrett Lyon / The Opte Project)

The U.K. intelligence agency says a new project scanning the British internet for vulnerable systems is just a case of it attempting to boost national levels of cybersecurity.

See Also: OnDemand | API Protection – The Strategy of Protecting Your APIs

The National Cyber Security Centre – a public-facing component of signals intelligence agency Government Communications Headquarters – disclosed the scanning project in a Tuesday blog post.

“We’re not trying to find vulnerabilities in the U.K. for some other, nefarious purpose. We’re beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we’re doing,” wrote Ian Levy, NCSC technical director.

The project will scan networked systems throughout the United Kingdom at regular intervals to detect vulnerabilities. The idea is to collect data to quantify risk exposure and respond to shocks such as a widely-exploited zero day vulnerability.

The NCSC says it will use cloud-hosted tools that connect to IP addresses assigned to scanner.scanning.service.ncsc.gov.uk. Specifically, 18.171.7.246 and 35.177.10.231.

To address the privacy concerns, the NCSC says it will avoid collecting personal information. Data collected from the users will include HTTP response including headers from web servers. For other services, it will hold on to “data that is sent by the server immediately after a connection has been established or a valid protocol handshake.”

Network administrators can opt-out by emailing their IP address to the agency, it says.

Scanning the internet for vulnerabilities, of course, is hardly an original activity. Hackers and cybersecurity companies have silently being doing so for decades. In 2014, cybersecurity researcher Rob Graham unveiled a tool he dubbed masscan capable of scanning the entire internet within minutes.

“The internet is pretty small, it’s only 4 billion addresses,” he told session of the Def Con conference in Las Vegas. “You will find hackable systems within minutes.”

Source