Cyberattack On Dutch Prosecution Service Is Keeping Speed Cameras Offline

The lingering effects of a cyberattack on the Public Prosecution Service of the Netherlands are preventing it from reactivating speed cameras across the country.

The Dutch newspaper Leeuwarder Courant has reported that dozens of Speed cameras remain offline after they were temporarily shutdown following the system compromise.

The Service's Central Processing Office (CVOM) confirmed the issues to local media this week but was coy over details about how many cameras were inactive.

A spokesperson said the department is aware of which cameras remain disbled but would not reveal their locations - for obvious reasons.

At least three types of speed cameras are affected, and these are mainly deployed across A and N roads. 

In the Netherlands, A roads are akin to what other countries call motorways or highways – roads dedicated to high-volume, high-speed traffic.

N roads are a step down from these and most often built to connect cities and towns. Unlike A roads, motorists could find themselves encountering roundabouts, traffic lights, and single carriageways.

The types of cameras include fixed speed cameras, average speed cameras, and flex speed cameras, which are mobile and often deployed in a single location for a limited time.

The CVOM saidit's common for speed cameras to be pulled offline for matters such as maintenance and inspections, or in the case of flex cameras, relocations. It's a frequent occurrence, but being unable to reactivate them is rare.

The Register asked the CVOM for additional information but it did not respond.

The cyberattack itself, which originally took place on July 17 and involved exploited Citrix vulnerabilities, did not affect the cameras directly, but is preventing the CVOM from bringing them back online.

Earlier this week, the Dutch NCSC updated its reporting on the Citrix NetScaler zero-day disclosed last month, saying several critical organizations across the country had been compromised.

It also said that according to its recent findings, the vulnerabilities were exploited as far back as early May.

The Public Prosecution Service announced on August 5 that it would start a phased relaunch process, saying the decision to return slowly was made to decrease the risk of any further disruption to the criminal justice system.

"A phased relaunch is also necessary because the systems and applications are interconnected as well as linked to those of, for example, the judiciary, the police, the CJIB (Central Fine Collection Agency), and the NFI (Netherlands Forensic Institute)," its statement read (machine translated). 

• Law and water: Russia blamed for US court system break-in and Norwegian dam drama
• Hyundai: Want cyber-secure car locks? That'll be £49, please
• KLM, Air France latest major organizations looted for customer data
• Car dealer software slinger CDK Global said to have paid $25M ransom after cyberattack

"The restart is being carefully coordinated with all partners to minimize disruptions to their systems and processes. The Public Prosecution Service is also in contact with the Netherlands Bar and with Victim Support Netherlands (SHN) regarding the next steps."

The first system to be reinstated was the Service's emails. External parties could once again reach it via email as of August 7, although large files still cannot be shared.

Rinus Otte, chairman of the Board of Prosecutors General, said: "It will take some time before all systems will be functioning like they used to. At this time, it is difficult to estimate exactly how long this will take, but the Public Prosecution Service is obviously committed to minimizing the impact on victims, suspects, and convicted persons. 

"The Board fully realizes that much will still be demanded of Public Prosecution staff, partners, and other stakeholders in the coming weeks. Without everyone's dedication, goodwill, and patience, it would not have been possible to still get so much done within all these limitations. I have great admiration for that. Hopefully, we can still count on this in the coming weeks." ®