NHS Plans to Shut Down Open-Source Repos Over AI Risks

Britain's National Health Service is moving to close nearly all public code repositories, citing AI-driven security threats as the primary concern.

The United Kingdom's National Health Service (NHS) is planning to shut down nearly all of its public source code repositories, driven by growing concerns that artificial intelligence poses critical security risks to its digital infrastructure. The revelation, disclosed by British technology expert and open-source advocate Terence Eden, has sent shockwaves through the open-source community and raised urgent questions about the future of transparency in government technology.

Eden, who previously led open standards work at the UK Government Digital Service (GDS) and played a key role in publishing the source code for the NHS COVID-19 contact tracing app, says the information comes from multiple independent sources within the NHS — insiders who are reportedly 'shocked' by the decision.

Key Facts at a Glance

  • NHS plans to close nearly all public source code repositories, reversing years of open-source commitments
  • AI security threats are cited as the primary justification for the closure
  • The decision reportedly blindsided many NHS technical staff, who learned about it internally
  • Terence Eden, a respected UK open-source advocate, broke the news based on multiple independent NHS sources
  • The move contradicts the UK government's longstanding 'open by default' policy for public sector code
  • No official timeline or public statement has been issued by NHS Digital as of this writing

AI Security Concerns Drive Unprecedented Reversal

The NHS's decision centers on a relatively new but rapidly growing threat vector: the use of large language models (LLMs) and AI-powered code analysis tools to identify vulnerabilities in publicly available source code. Security researchers have demonstrated that tools like GPT-4, Claude, and various open-source models can scan codebases at unprecedented speed, identifying potential exploits that might take human security auditors weeks or months to discover.

Unlike traditional security scanning tools, modern AI systems can understand code contextually. They can identify subtle logic flaws, authentication weaknesses, and infrastructure configuration errors that automated scanners would miss. For a healthcare system serving over 65 million people and handling some of the most sensitive personal data imaginable, this represents an existential risk.

The concern is not purely theoretical. In recent months, cybersecurity firms including CrowdStrike and Mandiant have reported a sharp increase in AI-assisted attack methodologies. The NHS itself suffered a devastating ransomware attack in 2017 via WannaCry, which disrupted services across 80 hospital trusts and cost an estimated $115 million. A more sophisticated, AI-guided attack could prove far more damaging.

Open-Source Community Pushes Back Hard

The reaction from the open-source and digital government communities has been swift and overwhelmingly critical. Many technologists argue that closing repositories does not actually improve security — it merely creates a false sense of protection through 'security by obscurity,' a practice widely discredited in cybersecurity circles.

Critics raise several key objections:

  • Closing code does not eliminate vulnerabilities — it only prevents external contributors from finding and reporting them
  • Open-source code benefits from community review, which historically catches bugs faster than internal teams alone
  • Attackers with AI tools can still probe live systems for vulnerabilities without needing source code access
  • The NHS's internal security teams are already understaffed and under-resourced, making external review even more valuable
  • Other major healthcare systems, including the U.S. Department of Veterans Affairs, maintain public repositories without similar concerns
  • The move sets a dangerous precedent for other public sector organizations considering similar closures

Terence Eden himself has been vocal in his criticism, noting that the NHS COVID-19 app's open-source release was instrumental in building public trust during the pandemic. Independent researchers were able to verify privacy claims, identify bugs, and contribute improvements — a process that would have been impossible under the proposed new policy.

The Broader 'Security vs. Transparency' Debate in Government AI

The NHS decision reflects a tension playing out across governments worldwide. As AI capabilities accelerate, public institutions face a genuine dilemma: how to maintain the transparency that democratic accountability demands while protecting critical infrastructure from increasingly sophisticated threats.

The UK government's own Technology Code of Practice explicitly states that public sector organizations should 'make all new source code open' unless there are compelling security reasons not to. The question is whether the general existence of AI code-analysis tools constitutes such a compelling reason — or whether it represents a panicked overreaction.

Comparisons to other national approaches are instructive. The U.S. federal government maintains thousands of public repositories through platforms like Code.gov and has not announced any plans for broad closures. The European Union's interoperability framework actively encourages open-source adoption in public services. Even Estonia, one of the world's most digitally advanced nations and a frequent target of cyberattacks, continues to publish government code openly.

What makes the NHS situation particularly noteworthy is scale. The NHS is one of the largest employers in the world, with a digital infrastructure that spans hospital management systems, electronic health records, prescription services, appointment booking platforms, and research databases. Its code repositories represent years of publicly funded development.

What This Means for Developers and the Tech Industry

For developers who have contributed to or relied upon NHS open-source projects, the implications are immediate and practical. Projects that have been forked, studied, or integrated into other healthcare systems could lose their upstream source. Contributors who volunteered their time to improve public healthcare technology may find their work effectively locked behind closed doors.

The decision also sends a chilling signal to the broader GovTech ecosystem. If the NHS — one of the most prominent examples of government open-source adoption — retreats from transparency, other public institutions may follow suit. This could undermine years of progress in making government technology more accountable, interoperable, and cost-effective.

For the cybersecurity industry, the move raises a philosophical question that is becoming increasingly urgent. Traditional security wisdom holds that systems should be secure enough to withstand scrutiny even when their source code is public; this is Kerckhoffs's principle, under which a system's security should rest only on the secrecy of its keys, never on the secrecy of its design. AI may be testing the practical limits of this principle by dramatically lowering the cost and expertise required to find exploitable vulnerabilities.

Healthcare technology vendors and contractors working with the NHS should prepare for potential shifts in procurement requirements. Closed-source development practices may become the default expectation, affecting everything from contract terms to development workflows.

The AI Threat Landscape Is Evolving Faster Than Policy

At the heart of this controversy is a fundamental timing problem. AI capabilities are advancing far faster than institutional policies can adapt. The same LLMs that power helpful coding assistants like GitHub Copilot and Cursor can be repurposed to systematically identify attack surfaces in public codebases.

Recent research from institutions including Carnegie Mellon University and UIUC has demonstrated that GPT-4 can autonomously exploit known vulnerabilities with surprisingly high success rates. A 2024 study showed that LLMs could identify and exploit 87% of tested one-day vulnerabilities when given access to CVE descriptions — a capability that would only improve with access to actual source code.

However, security experts caution that the solution is not to hide code but to invest in better defensive AI. Organizations like DARPA are already funding programs to develop AI systems that can automatically patch vulnerabilities faster than attackers can exploit them. The Linux Foundation has invested millions in AI-powered security auditing through initiatives like the Open Source Security Foundation (OpenSSF).

The real risk, many argue, is that closing repositories removes a crucial early-warning system while doing little to stop determined attackers who have numerous other methods at their disposal.

Looking Ahead: A Policy Crossroads for Digital Government

The NHS has not yet issued an official public statement on the planned closures, and the timeline remains unclear. It is possible that internal pushback — which appears to be significant — could slow or modify the decision. Some insiders suggest a compromise approach, where particularly sensitive repositories are closed while less critical projects remain open.

Several developments are worth watching in the coming months:

  • The UK Parliament's Science and Technology Committee may weigh in, as the decision touches on both cybersecurity and government transparency mandates
  • The Open Source Initiative and other advocacy organizations are likely to mobilize formal opposition
  • Other national health services across Europe and the Commonwealth will be watching closely to see whether the NHS model is replicated

What is clear is that this decision — regardless of its final form — marks a turning point. The intersection of AI capabilities and open-source governance is no longer a theoretical concern. It is now a concrete policy challenge that every government and large institution must confront.

The NHS's choice will serve as a bellwether. If it proceeds with broad closures, expect a wave of similar decisions across the public sector worldwide. If it finds a more nuanced path forward, it could establish a framework that balances AI-era security with the transparency that public trust demands. Either way, the era of assuming that open-source government code is an unalloyed good — with no security trade-offs worth considering — appears to be ending.