NHS closes hundreds of open source repositories over AI security fears

Healthcare giant gives maintainers May deadline amid concerns about Anthropic's Mythos model

By
Nikola Pejcic
-

The UK’s National Health Service is temporarily closing off hundreds of open source projects on GitHub, citing concerns about advanced AI models and their ability to find security vulnerabilities in public code.

The move represents a significant shift for the NHS, which has long championed open source development. The healthcare giant has given its technology teams until May 11 to switch their public repositories to private status.

AI models pose new code security risks

Internal NHS guidance, seen by The Register, specifically mentions Anthropic’s Mythos model as a key concern. The document warns that “public repositories materially increase the risk of unintended disclosure of source code, architectural decisions, configuration detail, and contextual information that may be exploited.”

The guidance points to “rapid advancements in AI models capable of large-scale code ingestion, inference, and reasoning” as the primary driver for the policy change. The NHS Engineering Board approved the decision.

An NHS England spokesperson confirmed the move is temporary while the organization assesses cybersecurity risks:

“We are temporarily restricting access to some NHS England source code to further strengthen cybersecurity while we assess the impact of rapid developments in AI models. We will continue to publish source code where there is a clear need.”

Most repositories contain routine code

NHS sources indicate that very few of the hundreds of repositories contain sensitive information. The affected repositories typically include:

  • Documentation and architecture diagrams
  • Internal web applications for managing clinic schedules
  • Routine administrative tools
  • Development frameworks and templates

While AI models like Mythos could potentially identify bugs in this code, insiders believe the actual risk to healthcare services is minimal.

Policy reversal for open source advocate

The decision marks a notable change for the NHS, which has historically been a strong proponent of open source development. The organization’s service manual explicitly states that all new source code should be made open and shareable under appropriate licenses.

“Public services are built with public money,” the manual explains. “So unless there’s a good reason not to, the code they’re based on should be made available for other people to reuse and build on.”

This philosophy aligns with broader UK government policy favoring open source solutions to avoid vendor lock-in and enable code reuse across departments.

Mythos capabilities remain disputed

Anthropic markets Mythos as capable of rapidly finding vulnerabilities that skilled human security teams would miss. However, the model’s actual capabilities remain a subject of debate in the security community.

UK authorities, including the AI Safety Institute and National Cyber Security Centre, have acknowledged that Mythos represents an advancement beyond expected AI development timelines. But critics question whether the threat justifies dramatic policy changes.

Key concerns about Mythos include:

  • Anthropic hasn’t disclosed the model’s false positive rate
  • Independent tests show smaller gaps with open source alternatives than Anthropic suggests
  • The model remains restricted to select organizations through Project Glasswing

Forrester analysts warn that once powerful AI models become publicly available to attackers, open source software will face genuine new threats.

Security experts question effectiveness

Former NHS open technology head Terence Eden argues that making repositories private won’t provide meaningful protection against AI-powered attacks. He points out that most open source code was already ingested by AI training systems years ago.

“Closing now doesn’t meaningfully protect you,” Eden writes in a recent blog post. “If it was moderately interesting, then it was backed up by a digital hoarder. It has been archived by various digital libraries.”

Eden suggests that organizations face bigger risks from supply chain vulnerabilities in their operating systems and third-party libraries rather than from bugs in their own code. He recommends focusing on traditional security measures like improving password policies and defending against phishing attacks.

The NHS hasn’t provided a timeline for when the temporary restrictions might be lifted or detailed criteria for returning to open source development.

Have you subscribed to our free newsletter, yet?
Add your email below and it will hit your inbox every Monday!