SSA Paid No Ransom After Cyber Attack

The Steamship Authority did not pay a ransom after a cyber attack shut down the boat line’s IT and communications systems for more than a week in early June, general manager Bob Davis said Tuesday.

In a prepared statement provided at Tuesday’s meeting of the SSA governors, Mr. Davis provided only scant details about the incident, saying that the majority of customer-facing technology was back up and running and that a law enforcement investigation headed by the FBI remains ongoing.

But Mr. Davis confirmed that the boat line did not pay any money to the hackers after the ransomware attack.

“This incident was a criminal act. And we continue to work with law enforcement, as part of our ongoing investigation,” Mr. Davis said, reading from his prepared statement. “Although that investigation is ongoing, we do want our customers and public to know that the Steamship Authority did not pay a ransom, or engage with the cyber criminals.”

Tuesday’s rescheduled meeting was the first public appearance for boat line governors and senior managers in the aftermath of the attack. The regularly scheduled board meeting had been moved from last week.

Other than brief operational updates, the boat line has provided almost no information about the incident since it occurred on the morning of June 2. On Tuesday, Mr. Davis praised staff for keeping boats running throughout the attack, and said the safety of vessels was never compromised.

“The Steamship Authority takes the security of information technology systems seriously, and we are actively working with a third party cybersecurity forensic investigators, as well as law enforcement to determine the full nature and scope of the event,” Mr. Davis read from his statement.

Pressed by governors for more details on the incident, Mr. Davis stuck mostly to his prepared statemement. He declined to confirm whether customer data had been compromised in the attack.

“There’s been a lot of concern . . . about our inability to provide more detail,” Vineyard governor James Malkin said. “And I understand that while we’re working with insurance companies and the FBI and forensic software people that we can’t give away information that could be harmful to our customers. Having said that, is it fair to say . . . no customer data was taken from us?”

Boat line spokesman Sean Driscoll said previously that the SSA does not store customer credit card information. But Mr. Davis was more circumspect.

“At this time, we continue to work with the law enforcement, as well as the third party cyber security forensics investigators on all elements of this incident, and will continue to ensure that once information is available in that regard, we’ll be able to make that public,” he said.

Falmouth governor Kathryn Wilson and Mr. Malkin both pressed Mr. Davis.

“Are you saying that you can’t say one way or the other whether any customer data was taken?” Ms. Wilson asked.

“Until the investigation is completed by the law enforcement and our cyber security firm . . . ” Mr. Davis replied.

In his statement, Mr. Davis said most key customer-facing functions had returned to normal, including credit card and online reservation systems. After the attack travelers without vehicle reservations could only use standby, paying with cash at terminals.

Mr. Driscoll said in a follow-up email Tuesday that eFerry tickets and multiride cards are still not functioning more than three weeks after the incident occurred.

Mr. Davis continued to stay tight-lipped about when questioned by reporters near the end of the two-hour meeting Tuesday, citing the ongoing investigation. He declined comment on the origin of the attack, whether a ransom was requested, or the amount of the ransom.

He also declined to provide the name of the third-party cyber security firm contracted by the SSA.

He said the boat line was able to get its website up and running in a week through backups, although he could not provide details on the process. And he thanked staff for piecing together operations manually after internal communications systems, including email, went down on June 2.

“Thanks to our IT group, in terms of being able to utilize backups . . . we were able to get the systems up and running,” Mr. Davis said. “Being able to be up and running in the timeframe that they were is remarkable. And I’ll leave it at that.”

A form of malware that blocks data until a monetary payment is paid, ransomware attacks have become increasingly common in recent months, hitting everything from vital infrastructure to the meatpacking industry nationwide. The origin and nature of the incident, as well as the requested ransom, have been reported on in detail for other attacks.

In other business Tuesday, governors approved a licensing agreement request from Plymouth and Brockton bus line to use the Woods Hole terminal to run service to TF Green airport in Providence and Boston Logan airport. The bus line proposed running two trips to Providence daily, and seven trips to Boston.

After significant discussion, governors voted unanimously to allow the license on a trial basis. Mr. Davis also said the boat line would approve a similar licensing arrangement for the Peter Pan bus line, which runs service to Boston Logan airport as well.

SSA treasurer Mark Rozum gave an update on advance summer reservations for automobiles, which are up approximately 11 per cent over 2019, and up 14 per cent increase in July and a 40 per cent in September. August numbers are relatively flat, according to Mr. Rozum.

In a moment of irony, Mr. Driscoll also provided an update on the project to redesign the SSA website. An RFP for the project, which will cost between $1 and $2 million, was put out on June 1 — one day before the ransomware attack.

Mr. Driscoll said bids are due August 16, with a recommendation for the board expected by October.

“My celebration party on June 2 got cut short, obviously,” he quipped.

Comments (7)

T Bone, Oak Bluffs

Davis has never grown into the job. He's so over his head. Hopefully the Board continues to press him.

June 22, 2021 - 4:30pm

Islander, Martha's Vineyard

Totally agree.

June 22, 2021 - 5:09pm

Let's not mince words: Bob Davis never gets anything wrong, is always straightforward, runs a tight ship (pardon the pun), and is doing a great job. Give us a break! Trump did a bad job and what did we do? We hired someone else. This guy heading the SSA only has good things to say about himself and others under the worst circumstances over the years and here in response to Mr. Malkin and Ms. Wilson sounded like Oliver North. How's that for a classic reference? Let's move forward, can the governors vote to remove him. But they are sometimes self-satisfied as well, although I will create the exception for Mr. Malkin, who I do believe both has our interests at heart and works to be clear.

June 22, 2021 - 5:08pm

Islander , Edgartown

Likely that what SSA saved by having a second rate infosec system they’ve more than lost in giving free passage to ferry customers with multi-ride passenger cards. Penny-wise, dollar foolish.

June 22, 2021 - 7:32pm

MDW, Edgartown

Egregiously inadequate response on the question of personal information including email and physical addresses, and login credentials including user names and passwords as well. Breached credit card info is, actually, more easily remedied via consumer chargeback rights under the Fair Credit Reporting Act coupled with a change of account identifiers. The other, however, not so. I, for one, don’t care to have my billing address (which is stored by the SSA) known if my login credentials have been compromised.

June 22, 2021 - 9:09pm

David Erikson, Jr., NYC/MV

The SSA is a year round operation. It charges a premium for its service. I wish it was a first rate ferry line run by a first rate GM. We can't have a first rate ferry line if the board keeps letting a second rate GM run it. Whatever happened to hiring a real COO? Maybe he/she could prop Davis up if we're stuck with him until he retires.

June 24, 2021 - 11:12am

LongTimeWashAshore, WTis

You petty little people have nothing better to do than criticize those who work hard every day to provide a critical service to you and ALL who enjoy the island. I'm not saying that SSA is perfect and can't improve, but let's just take a beat and congratulate them for persevering through an exceeding tough period. PS. It's no accident that crimes like this thrive when we have ineffectual leadership in this country. This is not a local problem, and it's not one the current administration is equipped to handle. You celebrate the new leadership, now you live with the consequences.

June 25, 2021 - 11:15pm

Comments

form.antibot { display: none !important; } You must have JavaScript enabled to use this form.

Comment policy »

Directory

Sections

Towns

SSA Paid No Ransom After Cyber Attack

Noah Asimow

Comments (7)

Comments

YOU CAN HELP SUPPORT LOCAL NEWS

New Steamship Website Expected in June

Vineyard Haven Slip Work Scheduled to End in May

SSA Continues Argument Against Proposed Speed Limits

Directory

Sections

Towns

Search form

SSA Paid No Ransom After Cyber Attack

Noah Asimow

Comments (7)

Comments

Add a comment

YOU CAN HELP SUPPORT LOCAL NEWS

Related Stories

New Steamship Website Expected in June

Vineyard Haven Slip Work Scheduled to End in May

SSA Continues Argument Against Proposed Speed Limits

MV Governor Joins Great White Fleet

Sankaty in Service

New Flagship Martha’s Vineyard Arrives