“This page provides information on the NCSC’s scanning activities. You may have been referred here by information left by one of our scanning probes if a system you own or administer has been scanned.”
So begins the UK’s National Cyber Security Center information page describing their new scanning program. In a blog post entitled “Scanning the Internet for Fun and Profit,” the NCSC describes the rationale for their program.
As part of an intelligence agency, the NCSC has to answer what they call “Grand Challenges”:
But the analyses we’ve published don’t answer the really hard questions, like ‘How vulnerable is the UK to cyber attack?’ or ‘Does HMG policy X have any impact on our security?’. Internally, we have a small number of ‘Grand Challenges’; research projects trying to find solutions to these really hard cyber security problems.
To answer these questions, they need better tools. As they put it, just “running regex over Shodan” isn’t enough. So they’re initiating their own scans:
During the 18 months or so that challenge has been running, we’ve made good progress using existing sources of data (including data from the ACD [Active Cyber Defense] services), but we’ve reached the limit of the utility of the commercial internet-scanning data we procure. Sometimes they don’t have the detail we need, or they’re not timely enough, or they don’t include specific IP ranges we need to look at.
Their scanning program is designed to overcome these deficiencies and help “respond to shocks” (a zero day).
It’s possible to opt out of scanning – see the information page.
What do you think about this kind of white hat scanning? I have to think that various intrusion detection systems are going to be firing alerts as a consequence which is noise that system owners need to deal with. Please share your thoughts in the comments below!
Related Posts:
Silicom Network's Lifetime Deals Are Back! Get Started for $9 ONCE in Many Cities Around the World
Glitch Servers' 30% Off Winter Sale is Now Live!
Little Machines in Big Datacenters: Where to Host Your Raspberry Pi
Server.net: Cheap, Powerful Dedicated Servers in London with Special Pricing!
It's Been a Minute: GanderWeb is Back with Cheap VPS Offers in the UK!
"Can You Wow Our Readers?" Rackdog's Answer: "Hold My Beer!" Cheap Dedicated Servers in London UK!
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
- Let’s Encrypt Retiring Expiration Emails: Three Quick Solutions to Fill the Gap - February 4, 2025
- Tons of New Apps Added on PikaPods, Plus More Features!FREE $5 Welcome Credit Offer Still Good! - February 2, 2025
- Need a High RAM VPS?ByteHosting Has a HOT DEAL For You! - February 1, 2025
Leave a Reply