Updated June 5 @6:10 am
During a press conference in Woods Hole Friday, U.S. Sen. Ed Markey said a ransomware attack on the Steamship Authority’s website and reservation system was the work of Russian hackers.
But late Friday, Markey’s press spokesperson texted a Times reporter and asked that the story’s headline be changed. “Senator Markey did not confirm that Russia was responsible for the ransomware attack,” Taylor St. Germain wrote. “He does not have that intelligence.”
Indeed, Markey was not asked to confirm it. He offered the information on his own during the press conference in answer to The Times question about whether the federal government would provide funding for the SSA to harden its defense against such cyber hacks.
“No one would have ever imagined that the Russians would attack the Steamship Authority,” Markey said during his response. His comment was recorded.
Markey was in Woods Hole along with U.S. Commerce Secretary Gina Raimondo and U.S. Rep. Bill Keating to tour Woods Hole Oceanographic Institution and other key parts of the “blue economy.” During that press conference just blocks from SSA’s Woods Hole terminal, Markey said the U.S. must defend itself by making the hardening of vulnerable systems mandatory.
“If we don’t put strong mandatory measures in place, then we’re going to see a recurrence and an escalation of the impact on us as a nation.”
Markey said the Russians, the Chinese, and the North Koreans will continue cyber attacks against the United States.
“There’s no question about it,” Markey said. “We have to ensure that we harden our capacity to respond to it.”
His comments came as the SSA was in the third day of dealing with problems associated with the attack. The ferry line’s website and reservation system remain unusable now into a fourth day.
Markey said he made an attempt to make the US more resistant to cyber attack 14 years ago.
“Back in 2007, when I was the chairman of the energy committee of the House, I actually passed a piece of legislation. It mandated that the utilities of the United States harden their ability to respond to attacks from overseas. There were great threats from Russia in 2007. That bill passed the United States House of Representatives, but the utilities killed it in the United States Senate. They killed it. This is not new. This is something, unfortunately, that has not been dealt with in a way that represents the magnitude of the threat to us and to our economy, to our security. So from my perspective what we’re seeing here at the Steamship Authority, what we’re seeing with the meat industry, what we’re seeing with Colonial Pipeline … It all is saying to us very clearly, especially in those sectors that are most central to our larger growth, is that those measures are going to have to be mandatory. This is not going away. These attacks are going to continue.”
Asked by The Times what Congress can do to help the SSA harden itself, especially in light of the fact the ferry line doesn’t receive state funding, Markey said, “for soft targets more like the Steamship Authority, we’re going to have increasing funding from the federal level, research and development from the federal level, in order to help every aspect of our economy. And the Steamship Authority is a perfect example of what is happening. No one would have ever imagined that the Russians would have attacked the Steamship Authority.”
At midday on Friday, the SSA announced it has created a separate website with fare, schedule, and parking. That site is www.steamshipauthorityschedules.com.
“The ticketing processes, including online and phone reservations, will continue to be affected today,” according to the email from Sean Driscoll, the SSA spokesman. “We will continue to honor existing reservations at Authority terminals, and rescheduling and cancellation fees will be waived. Scheduled trips to and from the islands continue to operate safely as scheduled, although some delays in the ticketing process may occur.”
The statement goes on to point out the ongoing problems with making or changing reservations. “At this point, customers remain unable to book or change reservations online or by phone,” the email states. “Although some credit card access is now available at terminals and parking lots, the use of cash is recommended as it will speed the process of completing the transaction.”
According to the email, the SSA’s internal team is working with local, state, and federal authorities to address Wednesday’s hacking incident. “At this point we are unable to release any further details,” the email states. “We thank our customers for their continued patience.”
With the SSA announcing there would be no further updates on Friday, it appears as if the situation will continue into the weekend.
The FBI is the lead law enforcement agency in the investigation along with the Massachusetts State Police Cyber Security Unit and local authorities are also involved, according to the U.S. Coast Guard.
On the Steamship Authority’s Facebook page, anxious customers are asking questions about expiring reservations and the need to get on and off the Vineyard for appointments on the Island’s lifeline.
“I have a transferable ferry reservation which must be transferred to the traveler within the next few days to meet the 30 day requirement,” Roselle Levy wrote. “How are transfers being handled? What to do? Thank you.”
The SSA responded saying, “We will waive fees and the deadline and help up transfer the reservation when our systems are back up.”
The SSA has also printed its schedules both on its Twitter and Facebook pages, as well as the fees for passage and parking. There are similar questions and answers on those posts.
With the hacking making national news, Island graphic designer and web developer Courtland Bluford created T-shirts and luggage tags with an image of a Steamship Authority vessel and the words “Steamship Authority Hacking 2021 Survivor,” overlying the graphic. The shirts and luggage tags are available on Bluford’s Etsy page.
Bluford said he recently moved to the Island to stay with his wife and mother-in-law. His mother-in-law came to the Island the night of the hacking, and was having trouble accessing the SSA website.
As soon as Bluford heard about the hacking, his wife and he were talking about surviving a major blizzard in 1994, and were joking that the hacking is also a survivor moment. “It kinda sparked something in me where I was like, trying to get on or off the Island, we survived the hacking. I thought it would be pretty funny to put it on a shirt and bag tags. He added that he is a passionate fan of the show ‘Survivor,’ which partly inspired the shirts and tags.