The UK Government Launches Program to Scan All Internet Devices

According to the reports, a vulnerability scanning program for internet devices is to commence in the UK. The United Kingdom is launching a program that will monitor all internet devices that could pose a threat to national security.

It was announced that the National Cyber Security Centre (NCSC) will be hosting the vulnerability program. The responsibility of the NCSC is to review all internet devices in the UK and identify their vulnerabilities. The NCSC will be conducting vulnerability scanning for the duration of the program.

Ian Levy, NCSC Technical Director gave his thoughts on the program. He said the vulnerability program is a similar exercise to what organizations do to identify vulnerabilities in their security. He said that it will notify various companies and potential victims about the vulnerabilities of a product.

Apart from identifying vulnerabilities, the program will also gather information on how much it would take to patch vulnerabilities. Levy explained that vulnerability scanning will become a complex exercise over time. He said that there would be more public announcements as the program progresses.

Scan is a Part of Early Warning Service

The program will run along with the Early Warning Service program. However, scanning is not conducted in the Early Warning Service program. All internet devices will be scanned in the UK will undergo scanning in the vulnerability program.

To opt out of the program, a list of IP addresses to be exempted from scanning should be sent as an email to the agency. The NCSC said that it has no other alternative motive for the vulnerability scanning program. They revealed that they are still testing their tools ahead of the program.

Individuals and organizations based in the UK are to expect incoming scans from URL [scanner.scanning.service.ncsc.gov.uk] and IP addresses [18.171.7.246] and [35.177.10.231]. Some devices that have security software installed may receive notifications about incoming scans.

The Senior Director of Cybrary, David Maynor, said that it is a positive sign that the UK government wants to increase its security posture.

UK Government Concerned About Privacy Infringement 

However, it is normally observed that scanning comes with privacy concerns. Individuals who aren’t familiar with the process of vulnerability scanning may find it hard to believe its genuineness.

Chris Vaughan, the Vice President of Tanium, said that the program will allow NCSC to flag security issues to system owners and keep them accountable. Furthermore, he said, despite the benefits, concerns will be raised about privacy. Finally, he added that it was right for the NCSC to explain that vulnerability scans do not require much information.