WannaCry Ransomware Helps Drivers Dodge Speeding Tickets

The WannaCry ransomware campaign has struck speed cameras in the Australian city of Melbourne after an IT worker mistakenly uploaded the attack to the network. The local traffic authority has been forced to cancel almost 600 speeding tickets as a result.

WannaCry, also referred to as “WannaCrypt,” is best known for the weekend of carnage it inflicted on organizations worldwide last month. One target that has previously escaped attention was Melbourne’s inner-city traffic camera network. BBC News reports that the ransomware was only detected last week when officials spotted the cameras were sporadically rebooting themselves.

In total, 55 cameras across the district of Victoria are known to have been affected. Like the other WannaCry victims, the network wasn’t specifically targeted. The entry point of the attack was very different though.

The ransomware wasn’t delivered across a network or by the giant botnets that helped to spread the main campaign. Instead, it started from “human error.” An engineer connected an infected USB stick to the camera controller.

The incident has left Victoria Police with no option but to cancel all the outstanding fines and penalties issued while the infection was active. Because it can’t guarantee the behavior of the cameras wasn’t altered by WannaCry, hundreds of drivers are being let off the hook.

While the police are confident none of the tickets were incorrectly issued, they have erred on the side of caution. A total of 590 pending tickets for speeding and red-light offenses have been reversed. Besides the cost of patching and securing the cameras, the district will also lose a significant amount of money it would have gained from the ticket fees. Acting Deputy Commissioner Ross Guenther told BBC News that the fines were canceled to ensure the public has “100% confidence” in the system.

The state has now issued a software update for the camera network that’s said to prevent further spread of the ransomware. This will ensure no more cameras are impacted by the attack.

WannaCry rose to worldwide prominence last month when it infected thousands of highly sensitive computer networks worldwide in the space of just a few hours. It exploits vulnerabilities in Windows that are believed to have been part of the recently-leaked NSA hacking tools. The Victoria Justice and Regulation Department is currently “in the process” of patching the affected cameras and removing WannaCry from the network. It’s expected everything should be fully operational again by the end of the week.

The group behind the attack has been linked to North Korea. As with most large-scale sophisticated malware campaigns, the exact identities of the perpetrators are unlikely to ever be known. Security researchers have been unable to pinpoint the origins of the ransomware.

[Featured Image by Etaphop photo/Shutterstock]