An interim report by Victoria’s Road Safety Camera Commissioner has found that there is “no evidence” that an outbreak of WannaCry ransomware infections in the state’s speed and red-light cameras compromised traffic infringement data.
Victoria Police announced last month they would cancel a range of fines issued by WannaCry-infected systems
Cameras on Victoria’s Fixed Digital Road Safety Camera (FDRSC) network are operated by Redflex, Gatso and Jenoptik.
After being introduced into FDRSC network, allegedly by a Redflex employee, WannaCry infected 43 Redflex-operated Camera Control Units (CCUs) and 67 Jenoptik Site Controllers.
All of the affected systems were running Windows 7. Attempts by WannaCry to propagate throughout FDRSC also caused a number of Windows XP systems on the network to crash.
The first indication of the infection occurred on 6 June, when camera operator Redflex noted that 20 road safety cameras on the Hume Highway had crashed.
There was no evidence of any WannaCry-encrypted files on infected Redflex-operated Windows 7 systems and “no evidence of any impact on the integrity of infringements”, the interim report from commissioner John Voyage states.
A number of the Windows XP systems employed by RedFlex crashed but were not infected by the malware.
“Redflex logging systems are transaction-based,” the report said. “If an action is not completed then the system rejects it. Thus, it is not possible for a partial or garbled infringement record to be created, even during a system failure.”
The camera and detection components of the Jenoptik and GATSO operated systems run Linux-based operating systems. The Jenoptik Site Controllers that were infected by WannaCry are used to translate camera data into the format required by Victorian authorities.
“There is no evidence that the encryption component deployed,” the report states of the Jenoptik systems. “There is no evidence of any impact on the integrity of infringements.”
“There is no evidence that the WannaCry infection has affected the integrity of Speed and Red-Light camera infringements,” the report concludes.
“I am satisfied that devices which measure and record speed are external to the infected computers and are unaffected by the virus,” it adds.
“I applaud the caution shown by the authorities, but I find that there is no reason for the subject infringements to continue to be withheld,” the commissioner stated.