UK to scan all Internet devices in Britain for zero-day threats

In a bid to improve how the UK Government is able to respond to zero-day threats, the National Cyber Security Centre (NCSC) has launched an initiative that will scan every Internet-connected device in the country for potential cyber threats.

The main goal of this program is to gain a data-driven understanding about the diverse range of vulnerability and security threats facing the UK. Other national security agencies across the world have deployed similar tools in the past to deal with the aftermath of security threats. For example, Norway’s National Security Authority looked for evidence that Internet users in the country had been the victim of a Microsoft Exchange vulnerability.

“The NCSC internet scanning capability [will] help system owners understand their security posture on a day-to-day basis and respond to shocks – like a widely exploited zero-day vulnerability,” wrote Dr Ian Levy, Technical Director at the NCSC, in a blog post.

The first step of this program will see simple scans being taken, with the complexity slowly increased. While Levy acknowledges that cyber security firms regularly carry out similar scans, as NCSC is part of a Government intelligence agency, he believes it is essential to publicly share information about the project.

“Most cyber security companies silently run internet scans similar to the ones we are talking about. We are not trying to find vulnerabilities in the UK for some other, nefarious purpose,” added Levy.

While the scanning requests that the NCSC will undertake are designed to ensure that as little sensitive data as possible is collected, if this accidentally happens, the organisation said it will take steps to remove this data and attempt to stop it from being collected again. Scans will be performed from inside the organisation’s cloud-hosted environment, making it simple for network administrators to identify the NCSC as the source of these scans.

This scanning initiative is part of the NCSC’s Active Cyber Defence programme, which intends to make cyber security more scientific and less driven by marketing in the hopes of better understanding the reality of cyber attacks and the efficacy of various defences.