In order to assist the government in responding to zero-day threats, the National Cyber Security Centre of the United Kingdom has introduced a new tool that will continuously check every internet-connected device housed in the country for vulnerabilities.
The NCSC claims it started the program to provide a data-driven understanding of "the vulnerability and security of the U.K." The NCSC is a division of Government Communications Headquarters and serves as the U.K.'s technical authority for cyber threats.
It resembles the initiatives made by Norway's National Security Authority last year, when that body searched for proof of the use of Microsoft Exchange vulnerabilities to target internet users there. At the time, Slovenia's SI-CERT cybersecurity response team also said that it was alerting possible victims of the Exchange zero-day problem in its internet infrastructure.
According to the agency, the NCSC will scan every internet-accessible system housed in the UK and look for vulnerabilities that are common or particularly significant owing to their potential for wide-spread effect.
In order to "build an overview of the U.K.'s exposure to vulnerabilities following their disclosure and track their remedy over time," the NCSC said it will utilize the information gathered. The government also anticipates that the data will enable system owners make daily security posture decisions and also speed up UK response to events like actively exploited zero-day vulnerabilities.
According to the agency, the data gathered from these scans includes any information returned when connecting to services and web servers, such as the complete HTTP responses, as well as details for each request and response, such as the time and date of the request and the IP addresses of the source and destination endpoints.
It states that requests are made to get the least amount of data necessary to determine if the asset being scanned is vulnerable. The NCSC states that it will "take steps to erase the data and prevent it from being taken again in the future" if any sensitive or personal information is unintentionally gathered.
The scans are carried out using software that is hosted only by the NCSC in the cloud, making it simple for network administrators to recognize the organization from its records. Organizations situated in the UK can choose not to have the government scan their servers by sending an email to the NCSC with a list of IP addresses they don't want included.