NHS web pages redirect visitors to malware sites
Rush to fix flaw in code blamed for NHS Choices malware gaffe.
More than 800 web pages run by the NHS have been compromised by hackers, redirecting visitors to malicious websites serving up adverts and malware.
The problem was discovered by a user of social news platform Reddit. The user, Muzzers, discovered the attack and said over 800 URLs belonging to the NHS had been compromised.
"While attempting to access flu shot information I stumbled upon a page which redirected me to an advertisement. Digging a bit deeper I found hundreds more pages which redirect to either an advertisement or malware-infested page," Muzzers posted on Reddit.
"It seems that many pages include these malicious script tags, which then kicks off the whole ordeal. Hiding the script under a malicious url googleaspis.com instead of a valid googleapis.com."
The problem affected users over Sunday night but wasn't fixed until Monday. In a statement, a spokeswoman for NHS Choices said a coding error was to blame for the redirection to a malware site. A simple misplaced letter "s" in a domain embedded in the code caused the error, as a developer had typed googleaspis.com instead of googleapis.com.
"Routine security checks alerted us to this problem on Monday morning at which point we identified the problem and corrected the code," said the spokeswoman.
"We can confirm that this problem has arisen due to an internal coding error and that NHS Choices has not been maliciously attacked. NHS Choices is treating this issue with urgency and once resolved we plan to undertake a thorough and detailed analysis to ensure that a full code review is undertaken and steps put in place to ensure no recurrence."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
All the links have now been fixed by the NHS Health and Social Care Information Centre (HSCIC).
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.