It has been revealed that 55 traffic and speed cameras in the state of Victoria, Australia, have been accidentally infected with the WannaCry ransomware that struck organisations hard around the world last month. Local radio station 3AW broke the news, after receiving a tip from a listener that the highway and intersection cameras operated by Redflex Traffic Systems had been infected by a maintenance worker who inserted a malware-infected USB stick into devices earlier this month. That explanation makes some sense, as the cameras are reportedly not connected to the internet. In many ways, it's a throw back to the old days when malware was spread by "sneakernet".
The Department of Justice says that the cameras have continued to operate correctly despite the infection - aside from the occasional reboot, and that anyone who has been caught speed or committing traffic offences by the camera will not be able to argue that the integrity of the collected data has been compromised by the malware. A spokesperson from the Victoria Justice and Regulation Department told AW3 that patches have now been installed on vulnerable traffic cameras:
"A system patch has been applied, which prevents the spread of the virus. The Department is in the process of removing the virus from the affected cameras. The remaining sites will be rectified in the next couple of days."
Although the full fury of the WannaCry outbreak has died down, we are still receiving reports of some businesses battling with the ransomware. For instance, just this week it was reported that Honda had temporarily shut down a production line at a Japanese plant, as it discovered its networks across Japan, North America, Europe, China and other regions had been infected. The incident in Australia isn't, of course, the first time that police cameras have been hit by ransomware. Days before Donald Trump's inauguration as US President, for instance, Washington DC police discovered that 70% of its public surveillance cameras were suffering at the hands of ransomware attacks, leaving the authorities unable to record footage. Needless to say, it would make sense for all organisations to apply Microsoft's MS17-010 security update, which patches against WannaCry's primary method of spreading. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
