Ransomware Attack Hits Island Ferry Service
The Steamship Authority announced Wednesday morning that it has been the target of a ransomware attack that is affecting operations. The ferry service’s website and reservation system are down, and it’s unclear how long they will take to recover.
Ferries are running, and terminal ticket sales are being made by cash or credit card.
In a statement, the ferry service says customers traveling today may experience delays and a team of IT professionals is currently assessing the impact of the attack.
At least as early as seven a.m., people were reporting difficulties accessing the Steamship Authority website to purchase tickets.
Annamarie Gavin, of Burlington, Vermont, was at the Woods Hole ferry terminal this afternoon, headed for Martha’s Vineyard. She said she noticed something was wrong when she tried to confirm her departure time.
“I was unable to log in as of 7 a.m. this morning,” said Gavin. “And I wish I could have checked my ferry time, because I ended up being a little late.”
Steamship Authority Spokesman Sean Driscoll declined to say whether the attacker has demanded money for release of the system. Driscoll says the agency does not store customers' credit card information.
The Authority said on Twitter that vehicle reservations will be honored.
That’s likely to be a source of worry for summer-travel customers, who have to book months in advance before vehicle spots fill up.
Oak Bluffs summer resident Peter Goff, at the Woods Hole terminal Wednesday afternoon, said he heard about the attack from a concerned neighbor.
"I had a friend who has a cottage across from me who just phoned me and asked if I knew if there was a problem because of the ransomware," he said. "I said, 'I haven’t heard anything about it.'"
Ransomware leaves its victims few choices
Two years ago, someone disabled the city of New Bedford’s computer system and demanded $5.3 million in bitcoin.
UMass Dartmouth cybersecurity expert Lance Fiondella says to understand what ransomware is like, think of a locking boot placed on the wheel of a car.
"Maybe they're encrypting some portion of the service or the software and its functionality and they're saying, 'Pay up and I'll give you the key to unlock,'" Fiondella said. "And the reason why they can get away with that is because they're not physically present."
He says attackers assess a computer system for vulnerabilities remotely, so they may not know much about the victim’s business model.
But if there’s an element of time pressure — in this case, high season for the ferry — that can make an organization more likely to pay a ransom.
The FBI recommends against doing so because it encourages more attacks.
But sometimes it’s not easy for an organization to decide how to respond to an attacker’s demand for money to unlock the system.
Lance Fiondella says the decision-makers may be under external pressure to pay.
"There’s also an ethics of it," Fiondella said. "If it were a medical facility, there could be life or death decisions that impact private citizens and customers. There are liabilities. And so there's a complex array of factors one needs to factor in based on the nature of the service."
The ticketing processes, including online and phone reservations, are expected to continue to be affected on Thursday, June 3, 3021. The Steamship Authority will continue to honor existing reservations at Authority terminals, and rescheduling and cancellation fees will be waived.— Steamship Authority (@SteamshipMA) June 2, 2021