A maintenance worker in Victoria has inadvertently infected some 55 intersection speed and red-light cameras with the WannaCry virus bringing into question the accuracy and legitimacy of any infringements captured during the period of infection.
Revealed exclusively by Neil Mitchell on the 3AW morning program, the 55 cameras are apparently in a state of almost constant reboot having detected the virus.
Each camera is a complex bit of kit, clearly there are several components, the camera itself, the radar to detect speed and the computer to record the infringement.
The Victorian Sheriff told Neil Mitchell no infringements have been affected by the virus, though it is unclear how if at all operational the units have been during this period of infection which it appears has been at least a week.
Each camera is networked back to a central location, though the Sheriff told Neil Mitchell the central server was not windows based and therefor could not be infected, and also confirmed the cameras could not infect each other. This indicates the maintenance worker attended each site – infecting them individually.
How? A USB stick. An infected USB stick inserted into an unpatched and vulnerable computer will result in infection, though it appears each computer detected the virus which is what has forced the reboot cycles.
An investigation is ongoing, and the outcome looks certain to be (given the attention on it) that no fines could be issued for the period since the initial inspection.
Lawyers for anyone issued with a fine would likely argue the infection impacted the processing power of the computer at the time of the detection and thus calibration could not be relied apon.
Each camera is being re-installed with a clean (and we hope patched and updated) operating system with a dozen more still to be fixed as of this date.
A good additional warning to all that you’ve got to patch your computers, no matter what software they are running or task they perform.