NCSC project will help UK businesses identify security vulnerabilities

An image showing the NCSC logo on its website under a magnifying glass
(Image credit: Shutterstock)

The UK's National Cyber Security Centre (NCSC) has launched the Scanning Made Easy (SME) trial project to help businesses quickly and easily identify security vulnerabilities in their systems.

SME will see various scripts being offered to businesses for free allowing them to easily identify a range of specific critical vulnerabilities. The aim is to make patching more straightforward for businesses, especially ones with fewer cyber security capabilities compared to larger firms.

The NCSC said it won't be releasing scripts for every single vulnerability but said they will be continually developed and reviewed for security issues that "are consistently causing headaches for system administrators".

The scripts will be written by the NCSC's i100 partners (i100 is an initiative that promotes collaboration between the NCSC and outside industry talent) and will conform to the cyber organisation's SME developer guidelines which defines what the script is able to do and how it verifies a vulnerability.

"It is important that anyone running the scripts knows what they do," the NCSC said.

Each script will be written using the NMAP Scripting Engine, one of NMAP's most powerful tools designed for developers to easily create and share scripts to automate a variety of networking tasks in the industry-standard network mapping tool.


The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management


"When a software vulnerability is disclosed, it is often easier to find proof-of-concept code to exploit it, than it is to find tools that will help defend your network," the NCSC said.. "To make matters worse, even when there is a scanning script available, it can be difficult to know if it is safe to run, let alone whether it returns valid scan results.

"SME was born out of our frustration with this problem and our desire to help network defenders find vulnerable systems, so they can protect them."

The first script SME has released is for Exim message transfer agent (MTA) remote code execution (RCE) vulnerabilities, sometimes known as '21Nails' or otherwise tracked as CVE-2020-28017 through CVE-2020-28026.

Businesses can download the script via GitHub and are advised to run the script regardless of whether they think they have Exim MTA - "you might be surprised by what you find installed on your network," it said. Once it has run, the script will display easy-to-read results, a description of the vulnerability, and a link to the appropriate vendor's security advisory.

Businesses are also encouraged to build their own scripts, in accordance with the NCSC's SME developer guidelines, and submit them to the cyber organisation for review to expand the program further.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.