UK NCSC Says Friendly Spooks Scanning British InternetEffort Cataloging Vulnerable Systems to Aid Remediation; Includes Privacy Controls
U.K. intelligence officials say a new project that is scanning the British internet for vulnerable systems is part of an effort to boost national levels of cybersecurity.
The National Cyber Security Centre - a public-facing component of signals intelligence agency Government Communications Headquarters - disclosed the scanning project in a Tuesday blog post.
"We're not trying to find vulnerabilities in the U.K. for some other, nefarious purpose. We're beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we're doing," wrote Ian Levy, NCSC technical director.
The project will scan networked systems throughout the United Kingdom at regular intervals to detect vulnerabilities. The idea is to collect data to quantify risk exposure and respond to shocks such as a widely exploited zero-day vulnerability.
The NCSC says it will use cloud-hosted tools that connect to IP addresses assigned to
To address the privacy concerns, the NCSC says it will avoid collecting personal information. Data collected from the users will include HTTP response including headers from web servers. For other services, it will hold on to "data that is sent by the server immediately after a connection has been established or a valid protocol handshake."
Network administrators can opt-out by emailing their IP address to the agency, it says.
Scanning the internet for vulnerabilities, of course, is hardly an original activity. Hackers and cybersecurity companies have silently being doing so for decades. In 2014, cybersecurity researcher Rob Graham unveiled a tool he dubbed masscan capable of scanning the entire internet within minutes.
"The internet is pretty small, it's only 4 billion addresses," he told attendees at the Def Con conference in Las Vegas at the time. "You will find hackable systems within minutes."