NHS England withdraws public software over AI hacking fears (www.computing.co.uk)

NHS England has announced the temporary withdrawal of publicly accessible software repositories due to concerns about cybersecurity risks posed by advanced AI tools, specifically referencing the capabilities of the Mythos model developed by Anthropic. This shift marks a significant departure from the NHS's long-standing policy that encouraged open-source software development, intended to foster collaboration and improve public trust. Under the new directive, all source code must be kept private by default, with public access allowed only in exceptional cases. Staff have been given until May 11 to comply, reflecting growing apprehension over the potential exploitation of system vulnerabilities by malicious actors harnessing emerging AI technologies. The decision has sparked a debate within the AI/ML community about the balance between transparency and security. Critics, including experts from the AI Security Institute, argue that the threat posed by Mythos is overstated, as it primarily targets inadequately secured systems. Some believe that restricting open-source access could inadvertently weaken security efforts by limiting community scrutiny that helps identify vulnerabilities. While NHS England maintains that these precautionary measures are temporary, the broader implications for open-source practices in public sectors may undermine the collaborative spirit that has driven software development in the past.