Victoria overhauls traffic camera network after WannaCry

The Victorian government has announced an overhaul of its traffic and speed camera network following infection from WannaCry in June.
Written by Asha Barbaschow, Contributor

The Victorian government has announced an overhaul of the state's road safety cameras after the WannaCry ransomware that claimed hundreds of thousands of victims across 150 countries last year found itself on speed and red-light cameras on state roads last June.

The announcement on Thursday sees an overhaul of the network's governance and security protocols, following a report from Road Safety Camera Commissioner John Voyage.

The report, commissioned by Minister for Police Lisa Neville, and all of its recommendations will be accepted and "fully implemented", the state government said.

According to Voyage, the virus did not affect the network's "integrity".

"Our road safety camera network is integral to protecting the lives of Victorians on the road. That's why we're overhauling its security protocols to make sure we have the strongest protection in place," a statement from Neville said on Thursday.

"The network deters dangerous driving and reduces road trauma, so it's crucial Victorians have faith in its integrity.

"The independent commissioner has confirmed the WannaCry virus had no impact on the network. We're not only taking action to strengthen the network's cybersecurity, but also our management operations so that it is protected against any future threats."

The implementation of the report's recommendations will be led by a new division created to drive the reforms, under new leadership that will report directly to Neville.

A new director of the Road Safety Camera Program has also been appointed to oversee the design and delivery of the network's reconfiguration, and manage the ongoing operations of the network, the police minister said.

At the time of infection, Neville revealed that the 55 initial cameras had been infected after a rogue USB was inserted by someone performing maintenance. That number eventually grew to over 159.

The speed and red-light cameras initially found to be infected were operated by vehicle monitoring and enforcement service Redflix, but shortly after, Neville said investigations found additional impacted cameras were operated by Jenoptik, and noted the company did not forward the information on to authorities.

Upon finding the infection, the Victorian government was quick to act, freezing an initial 590 fines -- with the number quickly jumping to 7,500 -- that had been issued by the infected speed and red-light cameras.

The interim report from the commissioner in July said the majority of the 54,000 fines pulled as a result of the WannaCry infection would still stand, with Voyage unequivocal that he found no error in the data and as a result the integrity of the tickets would stand.

The government said on Thursday that it has already taken early actions to "improve the cybersecurity protocols to tighten the network so cameras are protected against the introduction of viruses from individual machines".

"Road safety cameras save lives on our roads. The new management structure, new policies, and new security protocols will ensure Victorians can continue to have complete confidence in the integrity of the road safety camera network and the role it plays in contributing to the government's vital Towards Zero road safety campaign," the statement continued.

Other changes to the Road Safety Camera Program will include the tightening of security so external viruses cannot spread within the network, and the establishment of a reference group between contractors and other parties that will aim to "strengthen" the camera network and catch issues before they occur.

A review of the powers of the Road Safety Camera Commissioner to improve information sharing will also be conducted.


54,000 fines pulled by Victorian Police following WannaCry will stand

Radio 3AW has revealed a report from the Speed Camera Commissioner says the majority of the fines pulled after infection will be reinstated.

Australia 'fair game' when it comes to the threat of a cyber attack

For a country with a culture based on taking things as they come, Check Point has said Australia is taking the threat of cybersecurity seriously.

WannaCry ransomware crisis, one year on: Are we ready for the next global cyber attack?

WannaCry caused chaos across the world. But have its lessons been learned?

6 tips to avoid ransomware after Petya and WannaCry (TechRepublic)

Ransomware attacks continue to wreak havoc on businesses worldwide. Here are six recommendations from PwC to prevent and mitigate these cybercrimes.

A year after WannaCry, victims haven't improved cybersecurity policies (TechRepublic)

The NHS has only 20 security professionals on staff, and the financial impact of WannaCry has not yet been determined.

Editorial standards