Police cancel 590 speeding fines after WannaCry hits traffic cameras

U-turn down under.

Police cancel 590 speeding fines after WannaCry hits traffic cameras

It seems the authorities in Victoria, Australia have had a change of heart.

As I described on the Tripwire blog earlier this week, it was recently discovered that 55 traffic and speed cameras in the state were accidentally infected with the WannaCry ransomware.

Human error by a maintenance worker poking in a malware-infected USB stick was blamed for the infection.

Sign up to our free newsletter.
Security news, advice, and tips.

The Department of Justice said that the infection didn’t impact the cameras’ operation, and that anyone who had been caught speeding or jumping the red light would still be expected to pay their fines.

However, it now appears that there has been… err… something of a u-turn.

As The Australian reports, Victoria police have chosen to cancel 590 fines sent to road users caught by the affected cameras.

Acting Deputy Commissioner Ross Guenther told a press conference that an inquiry would be held to see if protocols were breached when the malware-carrying USB device was connected to the traffic cameras, but that the cameras were still working properly:

“These cameras are about saving lives; those cameras are still operating. There have been a number of other fines not issued, those fines will continued to be quarantined until Monday. What it highlights is the need for us to consider all aspects of our information security right across not just camera networks but obviously the law enforcement networks themselves.”

“I need to find out how the cameras got infected. I need to see if there is a corruption of data of if there is a long-term impact on the system.”

It’s certainly an unusual case and worthy of some proper investigation. WannaCry – if that is really the malware that infected the cameras – would not normally be expected to spread via a USB stick.

I wonder if the authorities in Victoria have decided to cancel the fines more out of fear of getting caught up in expensive and time-consuming legal battles with drivers who might argue that the cameras’ integrity could have been tampered with by malicious code, rather than any genuine belief that anything dodgy occurred.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.