Did hackers lead warplanes to Syrian hospital after targeting British surgeon’s computer?

BBC Newsnight broadcast phone number of surgeons working in war-torn Aleppo.

Did hackers lead warplanes to Syrian hospital after targeting British surgeon's computer?

The Telegraph writes:

A British surgeon who helped carry out operations in Aleppo fears that the hacking of his computer led to a hospital being bombed by suspected Russian warplanes.

In a world first, renowned consultant David Nott gave remote instructions via Skype and WhatsApp which allowed doctors to carry out surgery in an underground hospital.

Sign up to our free newsletter.
Security news, advice, and tips.

But, after footage was broadcast by the BBC, Mr Nott believes his computer was targeted, allowing hackers to gain the coordinates of the M10 hospital.

An edition of the BBC‘s flagship “Newsnight” programme included footage of Mr Nott advising doctors in Syria how to carry out a complicated operation remotely via WhatsApp and Skype. And, as recently as yesterday, the footage was still available for anyone to view on YouTube.

Why has it now been removed? Well, my guess is because the footage includes another clue about how the makeshift hospital could potentially have been targeted.

“Newsnight” included in its report footage of Mr Nott’s desktop monitor, which showed prominently the full phone number (complete with Syrian country code) of the surgeons he was communicating with.

Unlike “Newsnight”, I’ve obscured the number in my screengrab below.

Number obscured

Clearly that phone number should not have been broadcast. Although it’s quite likely that the hospital’s bombing had nothing to do with the “Newsnight” report, and that Mr Nott’s computer and Skype account were not hacked, it’s not entirely implausible that a determined intelligence agency might have used a different route to determine the operating theatre’s location.

For instance, if I wanted to know precisely where the Syrian surgeons were I might be tempted to infect the smartphone which has that number, rather than the British consultant. I think that would be a good deal more straightforward, and could result in much more reliable information about someone’s location than an IP address.

My feeling is that the jury is out whether any hack occurred. Mr Nott seems to think his Skype or computer may have been targeted. The alternative scenario I give above is possible, although perhaps also not as likely as something rather more conventional.

For its part, the BBC is downplaying the speculation:

“The bombing of the M10 hospital in Aleppo was a tragedy, but we haven’t seen any evidence to suggest that the attack was linked to the Newsnight report or the many other media stories about the work of David Nott and the doctors in the hospital.

“The hospital had already been targeted many times before our report, and the suggestion of such a link remains purely speculative.”

Perhaps it’s best not to jump to conclusions that something has to have a computer security angle, unless there’s some reason to believe that’s true.

And, I would argue, it would be sensible for news teams to be very careful not to broadcast sensitive information (such as mobile phone numbers), particularly when it involves people working in war-torn Aleppo.

The BBC has now removed the “Newsnight” footage from YouTube.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.