In 2020, Vivida’s founder Simeon Quarrie provided his cyber expertise to PSBE Cyber News Group and was featured in their article which outlined the potential shortcomings of the NHS track and trace app. What follows is a short excerpt from this article:
How Is The NHS Covid-19 App Cyber-Secure?
Heavily downloaded, & built at speed in the middle of a pandemic, so would you be comfortable recommending to staff to download the new track-and-trace app, or does the cyber-risk outweigh the virus gain?
The NHS Covid-19 contact tracing app for England & Wales was downloaded over 12m times by the end of Sept. with the Health Secretary, Matt Hancock, claiming success as this made it the most quickly downloaded app in the UK ever.
Risk for Breaches
Trustonic CTO, Jason Hart explained, “this app does not increase your risk for breaches from what already exists by owning a mobile phone.” By installing the NHS app, users are not compounding or enhancing the risk of data leakage.
Simeon Quarrie, Founder & CEO at VIVIDA, says that as the app only gathers 1st names & the 1st half of a postcode, doesn’t track location via GPS, & Bluetooth proximity to other devices & QR locations are only stored for 21 days, “this data alone will probably not be of much use to a cyber-criminal.”
This is not equivalent to being risk-free. “The app itself is opening doors to other attack vectors,” Quarrie warned, “smishing is 1 example, I have received text messages asking me to download the app but have been sensible enough to ignore them.”
If you’d like to continue reading, [click here] to access the full article.
