Thousands of visitors to the NHS Choices site bombarded with malware after a coding error let a Czech hacker in by the back door
Monday 03 February 2014
Thousands of patients trying to access health advice on the NHS Choices website were bombarded with adverts and malware – potentially stealing personal information from their computers – due to a coding error yesterday.
Users of the site posted links to hundreds of pages which had caused the problems over Sunday night and Monday morning - although the issue is now fixed.
One user, called Muzzers, wrote on the social website Reddit: “While attempting to access flu shot information I stumbled upon a page which redirected me to an advertisement. Digging a bit deeper I found hundreds more pages which redirect to either an advertisement or malware infested page.”
About 800 pages were thought to be affected.
The Health and Social Care Information Centre, which runs the site, was quick to downplay the damage, claiming that the site had not been compromised by a hacker.
A spokeswoman said a simple misplaced letter s in a domain name embedded in the code was responsible. A developer had typed googleaspis.com instead of googleapis.com.
The spokeswoman added that on Sunday night someone in the Czech Republic registered the misspelled domain name meaning patients were redirected to a rogue site from which the adverts and malware were sent.
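A pre-release check that would catch a mistyped host such as googleaspis.com, as an added example (not NHS Choices or HSCIC code): it collects the hosts a page loads resources from and flags any that are not allowlisted, marking those within a small edit distance of an allowlisted domain. The allowlist, the sample page and the last-two-labels shortcut for the registrable domain are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist of third-party domains the site intends to load from.
TRUSTED = {"googleapis.com", "gstatic.com"}

# Constructed sample page; paths and the example.net host are made up.
SAMPLE = """<html><head>
<script src="//ajax.googleaspis.com/ajax/libs/example.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/example-ui.js"></script>
<link rel="stylesheet" href="/css/site.css">
<img src="http://cdn.example.net/logo.png">
</head></html>"""

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class ResourceHosts(HTMLParser):
    """Collects external hosts referenced by script, link, img and iframe tags."""
    def __init__(self):
        super().__init__()
        self.hosts = set()
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if tag in ("script", "link", "img", "iframe") and name in ("src", "href") and value:
                host = urlsplit(value).hostname  # None for relative URLs
                if host:
                    self.hosts.add(host.lower())

def audit(html, trusted=TRUSTED, max_distance=2):
    """Return (host, verdict) for every external host that is not allowlisted."""
    parser = ResourceHosts()
    parser.feed(html)
    findings = []
    for host in sorted(parser.hosts):
        base = ".".join(host.split(".")[-2:])  # naive registrable domain (assumption)
        if base not in trusted:
            near = sorted(t for t in trusted if edit_distance(base, t) <= max_distance)
            findings.append((host, f"lookalike of {near[0]}" if near else "not allowlisted"))
    return findings
```

Run over every page template in a build step, a non-empty result from `audit` fails the release before the reference goes live.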
In a statement the HSCIC said: “An internal coding error has caused an incorrect re-direct on some pages on NHS Choices since Sunday evening. Routine security checks alerted us to this problem on Monday morning at which point we identified the problem and corrected the code.
“We are now ‘flushing through’ this correction to ensure that the code on all affected pages is amended and expect this to be completed this afternoon.
“We can confirm that this problem has arisen due to an internal coding error and that NHS Choices has not been maliciously attacked.”
The spokeswoman also stressed that no patient data was at risk and that they were carrying out a “thorough and detailed analysis to ensure that a full code review is undertaken and steps put in place to ensure no reoccurrence".
The HSCIC spokeswoman added: "NHS Choices has conducted an investigation of the adverts that some users were taken to and found nothing malicious on the initial adverts that came up. However, as an additional precaution we intend to supplement our usage information with 'cyber smart' guidelines."
Internet security expert Graham Cluley cast doubt on the official explanation however, and said that anyone who had inadvertently downloaded malware could be at risk from viruses or having the personal information stored on their hard drives accessed.
“I’m surprised by that explanation,” he said. “What often happens is that a hacker will find a weak point and inject a piece of code to exploit it, and set up a domain name. If the explanation is correct then whoever registered the domain name in the Czech Republic must have scanned the code, which few do, or registered numerous sites in the hope of getting lucky. Also, programmers tend to cut and paste domain names rather than type them out, which is laborious. Either way, there is normally a thorough audit to spot these things and make sure links work before going live.”
He added: “More importantly, what has been compromised is people’s computers. Anyone who used that site may have had malware injected on to their home computers that is able to access their personal information. So there should be warnings that anyone who accessed the rogue site could have problems. Today the NHS should be about computer health and that computers could be compromised.”
Mr Cluley also said that any crime committed would be an offence against the home user by the person in the Czech Republic.