FALMOUTH – The Steamship Authority has issued an update on their efforts to deal with recent cyber attacks that had caused some interruptions to their services.
Officials with the transit service say that at no point was safety compromised for their vessels or passengers and that they have not paid a ransom to the criminals.
They said that they are still working with third-party cybersecurity investigators as well as law enforcement, and continue to review their systems to implement additional safeguards.
Key customer functions have been restored, including making reservations on their website, by phone or at terminals, and credit cards can be used at all locations.
The full statement from the Steamship Authority is as follows:
Woods Hole, Martha’s Vineyard and Nantucket Steamship Authority General Manager Robert B. Davis made the following statement at the Tuesday, June 22, 2021, joint meeting of the Authority’s Port Council and Board.
“On the morning of on June 2, 2021, the Woods Hole, Martha’s Vineyard and Nantucket Steamship Authority detected a ransomware event impacting certain operations. We promptly initiated response protocols and notified law enforcement, including the Massachusetts State Police, the U.S. Coast Guard, and the Federal Bureau of Investigation, about the incident.
“In line with our business continuity plan, which is in place for all service disruptions due to storms or other incidents, we immediately took steps to ensure the continued operation of our ferries. Thanks to our incident response protocols, and the fast and diligent work of our employees, all existing customer reservations were honored, and no scheduled trips were canceled. Most importantly, at no time was the safety of our vessels affected.
“The Steamship Authority takes the security of its information technology systems seriously and we are actively working with third-party cybersecurity forensic investigators, as well as law enforcement, to determine the full nature and scope of the event. As part of our analysis, we have undertaken a comprehensive review of our systems and implemented additional safeguards. These new safeguards have been implemented alongside the already robust protocols that allowed the Authority to quickly recover from this incident. At this time, most of our key customer functions have been fully and safely restored. Reservations can be made or changed on our website, via phone or at a terminal and credit cards may now be used at all locations.
“This incident was a criminal act, and we continue to work with law enforcement as part of the ongoing investigation. Although that investigation is ongoing, we do want to our customers and the public to know that the Steamship Authority did not pay a ransom or engage with the cybercriminals. We continue to refer all inquiries related to the details of this ongoing investigation to the Federal Bureau of Investigation.
“The Steamship Authority is grateful for the ongoing support that we have received from local, state and federal agencies, including law enforcement. We are also grateful to all of our employees, especially those in our Information Technology Department and those working on the front lines at our terminals, in our reservation office, on our buses and on our vessels, as well as office and accounting staff. Their hard work and diligence was essential to implementing our business continuity plan and bringing our systems back online. And finally, I wish to thank our customers for their patience and understanding during this very difficult time.”
About Grady Culhane
