Traffic and speed cameras in the state of Victoria, Australia were infected by the WannaCry ransomware attack that hit hundreds of thousands of computer networks around the world last month.
Menurut local radio station 3AW, the cameras found on highways and intersections—operated by Redflex Traffic Systems—were infected after a maintenance worker inserted a WannaCry-infected USB drive into the devices earlier this month.
The explanation seems possible as it’s unlikely the cameras could have been infected without the malicious attack being brought to them; the cameras themselves are not directly connected to the internet.
The Victoria Justice and Regulation Department said the cameras have continued to operate normally despite the infection, save for the occasional reboot. The Department also insisted those who receive tickets for speeding or other traffic offenses after being caught by the cameras won’t be able to argue the malware infection compromised the cameras.
A spokesperson from the department told AW3 that steps have been taken to fix the security flaws in the cameras.
“A system patch has been applied, which prevents the spread of the virus,” the spokesperson said. “The Department is in the process of removing the virus from the affected cameras. The remaining sites will be rectified in the next couple of days.”
WannaCry memulakannya menyebarkan bulan lepas, menjangkiti beratus-ratus ribu sistem komputer di seluruh dunia dalam masa beberapa hari sahaja. Serangan itu memukul rangkaian milik syarikat utama serta hospital Dan organisasi lain.
Earlier this week, Honda was forced to temporarily shut down one of its car manufacturing plants after it learned its computer networks were hit by WannaCry, showing that while the initial spread of the virus may have passed, it is still a threat to machines that have not been patched.
Serangan ini menggunakan eksploitasi Windows yang pertama kali ditemui oleh Agensi Keselamatan Negara AS. Eksploitasi itu dicuri oleh sekumpulan penggodam yang dikenali sebagai Shadow Brokers dan dipublikasikan. Sementara NSA mengetepikan Microsoft kepada kelemahan dan syarikat itu menerbitkan perbaikan, kebanyakan sistem tidak dikemas kini dalam masa untuk melindungi serangan tersebut.
Penutupan sementara kilang Honda hanyalah kesan terbaru serangan ransomware, dan bukti serangan sisa masih berlaku walaupun serangan itu sebahagian besarnya berakhir. Ia dipercayai sama serangan menggunakan eksploitasi NSA yang lain juga telah dilancarkan dan mungkin meletakkan sistem komputer berisiko.
While the vast majority of infected devices were Windows machines, ancillary devices like the traffic cameras in Australia have also been hit. Medical devices were found to be vulnerable to attack, with devices that perform CT, MRI and PET scans believed to be at risk of infection.