You have been scanned by Big Brother (NCSC) – If you have a server

[Ed P]

The National Cyber Security Service are actively scanning UK servers for vulnerabilities. If you own a server you can check in your logs to see if you have had a visit from 18.171.7.246 or 35.177.10.231. This relatively benign oversight is being done to build up a view of how vulnerable the UK is to a cyber attack. Its better than nothing but all it will do at the moment is to alert you if your server software is out of date or vulnerable.

The details of what is being done and why are given in this link.

Unfortunately this will not protect us against the Stexnet type attacks carried out by the US on Iran. The weak link in those cases is people, and unsafe/unthinking actions.

As I said, the NCSC action is better than nothing, but really a higher degree of Sysadmin alertness in locking down systems might be a better measure.

[Dave Rice]

It never ceases to amaze me how incompetent some large organisations are. That’s not just my Defense Industry experience, we were just as diligent at the Post Office too. But that was then, I dread to think what it’s like now it’s been out sourced to the lowest bidder over two decades (this isn’t Royal Mail systems I’m talking about BTW).

[Ed P]

Yes Dave, those were the days when most big companies had competent in-house IT and diligent SysAdmins who got reamed out by their reasonably knowledgeable Director if things were a bit out of kilter.

Today almost everything is outsourced to some off-shore sweat-box where there is little or no personal responsibility. I really wonder if Logs ever get read if nothing obvious has gone wrong – though I bet a box is ticked saying that they have!.

[Author]

Posts