Tag Archives: Guardian

NHS Website Sent Users to Malware Site

The NHS is at the centre of another controversy as their website has been redirecting thousands of people to pages that contained malware or advertising.

The problem was first experienced during the weekend where users inevitably took to social media sites to express their anger and views about the situation.

A user, who goes by the name Muzzers on Reddit, stated that he came across the problem when searching for flu shot information.

Muzzers stated, “So while attempting to access flu shot information I stumbled upon a page which redirected me to an advertisement. Digging a bit deeper I found hundreds more pages which redirect to either an advertisement or malware infested page.”

In total, it is believed that the problem affected over 800 pages but the site administrators have been keen to stress that the problem wasn’t caused by hackers but by a typo by a developer.

A spokeswoman for the Health and Social Care Information Centre (HSCIC) which runs the NHS website told the Guardian, “Last year, a developer accidentally put “translate.googleaspis.com” rather than “translate.googleapis.com” as the source for the JavaScript file. Last night someone in the Czech Republic took ownership of the incorrectly spelt domain it was referring to; the correctly spelled one is actually owned by Google. Although the typo existed in NHS Choices code, until the point the domain name was purchased, this was not causing any issues.”

The vast majority if not all of the affected links have now been corrected but it remains unclear just what impact this has had as there is the potential threat that personal data has been compromised.

Internet security expert Graham Cluey finds the explanation baffling and if it is true, then anybody who inadvertently downloaded the malware could be at risk.

Cluey stated, “I’m surprised by that explanation… what often happens is that a hacker will find a weak point and inject a piece of code to exploit it and set up a domain name. Otherwise whoever registered the domain name in the Czech Republic must have scanned the code, which few do, or registered numerous websites in the hope of getting lucky.”

A spokeswoman for the HSCIC claimed that they will ensure that no reoccurrence of this will ever happen again.

She stated, “NHS Choices is treating this issue with urgency and once resolved we plan to undertake a thorough and detailed analysis to ensure that a full code review is undertaken and steps put in place to ensure no reoccurrence.”

It today’s world, it is now imperative that all data is protected by a robust backup solution to ensure that it can be recovered. Users need to also ensure that they protect their machines by ensuring that they have the latest security updates installed and working properly.

NSA & GCHQ Target Mobile Apps to Gain Personal Data

It has been reported that personal data has been obtained by the British spy agency, Government Communications HQ (GCHQ) and the US spy agency, National Security Agency (NSA) from smartphone apps which leak personal data.

The documents were leaked by Edward Snowden who is currently living in asylum in Russia and faces espionage charges in the USA after revealing the NSA’s telephone and surveillance programmes last year.

It is reported that the leaked documents show that mapping, gaming and social networking apps are providing the GCHQ and NSA with location information and other details such as their political association and sexual orientation.

One app that has been heavily exploited is Angry Birds. It is one of the leading apps with a download count of over 1.7 billion worldwide.

Rovio, the company that made the app Angry Birds claimed that they have no knowledge of the GCHQ or NSA trying to collect data from their app.

Saara Bergström, who is Rovio’s VP of marketing and communications stated, “Rovio doesn’t have any previous knowledge of this matter, and have not been aware of such activity in 3rd party advertising networks. Nor do we have any involvement with the organizations you mentioned (NSA and GCHQ).”

Angry Birds wasn’t the only app to be detailed in which personal data was obtained. In one of the leaked documents, there was a list which detailed other mobile apps which could be exploited. Such apps that were listed included the likes of Facebook, Twitter, Flixster and Flickr.

Reports in the New York Times and the Guardian suggested that the joint spying programme “effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”

The NSA has released a statement claiming that these allegations are not true. In the statement, they claimed that, “Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true. We collect only those communications that we are authorised by law to collect for valid foreign intelligence and counterintelligence purposes – regardless of the technical means used by the targets.”

The GCHQ refused to comment but claimed that all of its activities were “authorised, necessary and proportionate.”

With social media apps and gaming apps becoming more and more popular, it is important that you are happy with just how much personal data is potentially being disclosed as it is unknown just who may be able to access it.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal