From tomorrow 1 July, the European Green Pass will be active, making it easier to travel to and from all countries of the European Union and the Schengen area. It is issued to those who have been vaccinated against Covid or have obtained a negative result on the molecular / antigen test or are cured of Covid. The Green Pass contains a QR Code to verify its authenticity and validity.
The certification, in digital and printable format, issued by the national platform of the Ministry of Health, may be requested to participate in public events, to access nursing homes or other facilities, to move in and out of territories classified in the red zone or orange zone.
In the spotlight Germany’s decision to ban the entry of persons from Portugal, considered a country where the Delta variant of the Sars-CoV-2 coronavirus is dominant. A decision that “does not appear to be in line” with the Council’s recommendations on travel restrictions in the EU, European Justice Commission spokesman Christian Wigand said yesterday during a press briefing in Brussels. On Monday, added Wigand, Commissioners Didier Reynders, Thierry Breton and Stella Kyriakides “sent a letter to the 27 member states, calling for a timely and consistent implementation of the recommendation on restrictions on freedom of movement in the EU” and on the Green Pass. The commissioners in the letter “strongly encourage” member states to “apply the recommendation as soon as possible. In particular, they must ensure exemptions for fully vaccinated and cured people to encourage family reunification. July 1st “, when the Green Pass regulation will come into effect. “We must of course – continued Wigand – remain vigilant on the Delta variant and not forget that coordination” between Member States is “essential”. The Commission has urged states to proceed with the technical implementation of the Green Pass, so that it will be operational from 1 July.
Meanwhile it is security alert, because the QR Code could become the new preferred attack vector for cybercriminals. This was underlined by the analysis on the evolution of phishing attacks carried out by Innovery, an Italian multinational in the ICT market specialized in the cybersecurity sector. 2020 was a year of major emergencies for the cybersecurity sector, with a 40% increase in cyber attacks on companies compared to 2019 – according to data from the Cybersecurity & Data Protection Observatory of the Politecnico di Milano – thanks to the spread of remote working .
In this context, the preferred vector for cybercriminals was the email, the so-called phishing, which involved about 80% of the attempts of intrusion. In 2021, cybercriminals could favor a new channel, namely the QR Code. QR codes are spreading widely, especially following the pandemic. According to a recent survey by MobileIron, 86% of respondents scanned a QR code during 2020 and more than half (54%) reported an increase in the use of such codes since the start of the pandemic.
“The increase in the use of mobile devices to carry out many of our daily activities exposes us to new risks, and the lack of awareness of the possible threats that scanning a QR Code can convey is an increasingly pressing concern” explains Massimo Grandesso, Innovery Cybersecurity Manager.
“QR codes sent via email are able to evade normal antiphishing systems: Qishing, as this technique is called, works exactly like clicking on a link, except that the link is not visible as it is encoded in the QR code, and you should use the same precautions that are used for links “underlines Grandesso again.
Today QR Codes are used in the most varied contexts: in bars and restaurants for menus, limiting physical contacts, for accessing events and public places, for booking medical examinations, for collecting prescriptions, for electronic invoicing, to replace paper tickets and last but not least the Green Pass itself, on which even the Privacy Guarantor has recently expressed itself urging citizens to be extremely cautious and to avoid publicly exhibiting the Green Pass code.