Updated at 5:30 pm
The Steamship Authority is the target of a ransomware attack, which has disrupted its website and reservation system — disruptions SSA officials now expect to continue into Thursday, according to an update Wednesday evening.
In an emailed statement Wednesday morning, Sean Driscoll, SSA spokesman, wrote that the SSA “has been the target of a ransomware attack that is affecting operations as of Wednesday morning. As a result, customers traveling with us today may experience delays. A team of IT professionals is currently assessing the impact of the attack. Additional information will be provided upon completion of the initial assessment.”
The email from Driscoll came from an unfamiliar address. He told The Times in a text message, the SSA’s email system is down.
This morning, as customers boarded, a purser was unable to scan cards, and vehicles were not issued a boarding pass.
In an update at 12:30 pm, Driscoll wrote that the issue remains unresolved and under investigation. “The Authority continues to work internally, as well as with federal, state, and local authorities, to determine the extent and origin of the attack,” he wrote. “There is no impact to the safety of vessel operations, as the issue does not affect radar or GPS functionality. Scheduled trips to both islands continue to operate, although customers may experience some delays during the ticketing process.”
An alert on the SSA’s reservation page alerts customers to the problem. “Unfortunately, we have run into an error we were unable to recover from,” the alert states. “We’ve been notified of the error, and will look into it right away. In the meantime, feel free to hit back and try again.”
But that will only result in futility.
“Customers are currently unable to book or change vehicle reservations online or by phone. Existing vehicle reservations will be honored at Authority terminals, and rescheduling and cancellation fees will be waived,” Driscoll wrote. “If traveling with the Authority today, cash is preferred for all transactions. The availability of credit card systems to process vehicle and passenger tickets, as well as parking lot fees, is limited. Additional information will be provided as it becomes available.”
Jim Malkin, the SSA’s Vineyard representative, said whoever the people are behind the attack, they are criminals.
“Technology has brought some good to the world and some bad,” Malkin said. “And this is bad, and the Steamship Authority, like many other businesses in the U.S. and across the world, is dealing as best they can, as quickly as they can, with the havoc wreaked by these criminals.”
Gwyneth Wallace commented on The Times Facebook post, saying, “Scary! I’m in standby and had to pay cash — couldn’t process a credit card. That being said, boats, loading etc., is still running smoothly.”
At around 5:15 pm Wednesday, the SSA issued an update saying they continue to work with their internal team, as well as local, state and federal officials on the attack. “At this point, we are unable to release or confirm specific details of what occurred,” Driscoll wrote. “The ticketing processes, including online and phone reservations, are expected to continue to be affected on Thursday, June 3, 3021.”
He reiterated that the SSA will honor existing reservations and will reschedule trips without fees.
“Scheduled trips to and from the islands continue to operate safely as scheduled, although some delays in the ticketing process may occur,” Driscoll wrote. Driscoll customers to be prepared to use cash on Thursday.
“We thank our customers for their patience today, and we thank our employees for their hard work and grace under pressure,” he wrote.
According to Petty Officer Amanda Wyrick, a spokesperson for the U.S. Coast Guard, the agency has been briefed on the situation. The Massachusetts State Police Cybersecurity unit is taking the lead in the case, she said.
According to the Cybersecurity and Infrastructure Security Agency, “ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable,” usually with a demand of some form of payment. The attacker may threaten to leak or sell stolen data if the ransom isn’t paid. Ransomware attacks have been an increasing cyber threat. According to the Guardian, the Colonial Pipeline was hit by a ransomware attack by the East European group called Darkside in May, and the collective hacker group called REevil hit the world’s largest meatpacking company, JBS, with a ransomware attack on Wednesday, according to CNBC. The recent attacks with societal consequences, such as the Colonial Pipeline and the oil shortage, have come with calls to improve cybersecurity measures by President Joe Biden.
Adam Darack, an information technology specialist on the Island, said ransomware is scary stuff. “Technology is a double-edged sword. It’s scary, especially with major transportation hubs, like the SSA,” he said. “Everybody is a target, for sure. Certain targets are juicier than others, unfortunately. This is the type of stuff that keeps us up at night.”
In a tweet, state Rep. Dylan Fernandes, D-Falmouth, wrote that he’s been in touch with the State Police and SSA, and is monitoring the situation. “The boats are not impacted and passenger service remains as scheduled, but may experience delays,” he wrote.
Updated with the latest from the SSA. Reporter Rich Saltzberg and intern Eunki Seonwoo contributed to this story.