Cyber Threat Weekly


September 29, 2020 WMRCCU Season 1 Episode 19
Cyber Threat Weekly
Show Notes Transcript

This episode talks about the launch of the NHS Covid – 19 App. 

After listening to this podcast please visit National Cyber Security Centre, Action Fraud, Take Five and the West Midlands Cyber Protect Websites for more guidance on all things relating to online Security.  


Our host today is Patrick, a Detective and Cyber Protect officer for the Regional Cyber Team part of the Regional Organised Crime Unit for the West Midlands.


Also covering the West Midlands is Sean Long – WMPDigitalPCSO, Warwickshire and West Mercia is James Squire - cyberpcso and Staffordshire Police area is Mathew Hough-Clews and can be found at sp_digitalpcso.

To contact us please email us at

Hello and welcome to the Cyber Threat Weekly. My name is Patrick and I'm a detective and Cyber Protect officer for the West Midlands Regional Cybercrime Unit. 

Today's date is Monday the 28th of September 2020, and today we'll be speaking about two health related cyber issues. 

The first item will speak about today's the NHS Track Trace and Stop App, and secondly, we'll speak about the tragic events in Germany, whereby the emergency admission for a lady in Germany was delayed resulting in her death due to the fact the hospital was under sustained cyber attack at the same time. 

Thursday the 24th of September 2020, the NHS launched their COVID-19 app, whereby venues have been instructed to download and display QR codes for visitors to scan when they arrive using this app. This is to help track trace and stop the spread of the coronavirus. It's important to note that users are advised to only scan venue QR codes through the NHS app to ensure that the user is accessing the correct website rather than a malicious one. Cybercriminals use a practice called QR spoofing, or atagging, which is where a real QR code is replaced by a cloned one which then redirects the person scanning that code to a similar website where personal data can be intercepted and breached. The best and safest way to scan these codes at a venue that you're visiting is by using the app to do so. Best practice when protecting yourself from QR spoofing, and checking into places as is no required, is as simple as avoiding scanning QR codes with your camera, and instead downloading the free NHS app from Google and all Apple App Stores. When using the NHS app, the QR code is scanned using an in app camera and only official NHS QR codes are accepted. The app also does not require its users to open a separate web page eliminating the risk of malicious links nor does it require the user to enter any personal information other than the first three letters of the user's postcode, as it relies mainly on venue check ins and Bluetooth location. 

QR codes particularly those printed designs or posters are static and available for exploitation by cyber criminals who could quite easily put fake QR codes over genuine ones. For example, a genuine QR code on scanning would link to a genuine website such as our very own But a fake cord could be created printed off and placed over the genuine one redirecting the person scanning to www dot wm hyphen This website then could request that you enter various pieces of personal financial and private information, which it would then retain and use potentially for criminal means. Unfortunately, when scanning these fake QR codes, they take you to websites which look very, very similar to the genuine ones. 

So the two things that you must remember when using this app is one scan the code through the app and not through any other apps that you may have to scan QR codes and two when you scan the codes, please pay very close attention to the URL, the website address and is it what you intended to visit. 

The second item that I wanted to mention is a very sad and sombre incident which occurred in Germany. Prosecutors have opened a homicide case after a cyberattack on a German hospital unfortunately led to the death of a lady who has been admitted for an emergency medical reason. Sadly, there was a delay resulting in her death. Due to the fact the hospital was under a sustained ransomware cyberattack a female patient was being transported by ambulance to the hospital they had to divert the ambulance to a second hospital 30 kilometres, away 20 miles. Unfortunately, this delay was considered to be a direct cause for their female patients death. 

If the investigation leads to a prosecution, it would be the first confirmed case in which a person has died as a direct consequence of a cyber attack it's yet another example of the convergence, when we look at the digital world. Issues that occur in the real world tend to affect us in the real world. Unfortunately, as this case shows, issues within the virtual world clearly has an impact in the virtual world and an impact on real world activities and our lives in general.

For additional guidance, please visit the National Cyber Security Centre (NCSC), Action Fraud and the Take Five campaign websites. Also please do not hesitate to contact us with regards to training, advice and guidance on how to protect and prepare yourself or your business online. 

Thank you