Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Ransomware Attack Disrupts Massachusetts Ferries (therecord.media) 35

A ransomware attack has caused delays and disruptions at Steamship Authority, the largest ferry service in Massachusetts, and has disrupted ferry transports between mainland US and the Martha's Vineyard and Nantucket islands. From a report: The attack took place earlier today, according to a series of tweets posted on the company's official Twitter account. Steamship Authority said the incident impacted its land-based IT systems and that ships are not impacted. "There is no impact to the safety of vessel operations, as the issue does not affect radar or GPS functionality," a Steamship Authority spokesperson said.

"Scheduled trips to both islands continue to operate, although customers may experience some delays during the ticketing process. Customers are currently unable to book or change vehicle reservations online or by phone. Existing vehicle reservations will be honored at Authority terminals, and rescheduling and cancellation fees will be waived," it added. The company has asked travelers to come prepared with cash on hand as "availability of credit card systems to process vehicle and passenger tickets, as well as parking lot fees, is limited."

This discussion has been archived. No new comments can be posted.

Ransomware Attack Disrupts Massachusetts Ferries

Comments Filter:
  • Who is the designated villain this week?

    • by Z00L00K ( 682162 )

      Parking lot attendants ticketing cars that can't pay.

    • by jellomizer ( 103300 ) on Wednesday June 02, 2021 @02:15PM (#61447990)

      It depends on your political alignment.
      If you a Conservative, then it was from China, because those are communist.
      If you a Liberal, then it was from Russia, because those are fascist.

      Both countries seem to fall on the extreme range of the political spectrum with a strongman leader, where its citizens are careful to criticize. Both are large countries, and would like to dethrone the United States as the Top Superpower. So they will become the Top Superpower.

      Seeing the United States having a government unwilling to create rules and regulations towards how modern businesses need to run in an attempt to maximize profit, with a slim to no safety net, and at the same time, its populous demanding a high quality of life, where they all want modern things. Has created a nice loophole in our IT Infrastructure for attack. As a lot of people and businesses demand such technology, while at the same time there is little to no regulations towards using such technology safely and correctly, it means they are a lot of places open to attack.

      • by GlennC ( 96879 )

        And here I am without any mod points. Please accept my sincere thanks.

      • by Anonymous Coward

        It depends on your political alignment.
        If you a Conservative, then it was from China, because those are communist.
        If you a Liberal, then it was from Russia, because those are fascist.

        Most ransomware attacks are Russian in origin. Don't think I've heard of any major attacks from the Chinese, regardless of political orientation. Chinese malware is mostly spying.

        https://blog.truesec.com/2021/... [truesec.com]

        https://techxplore.com/news/20... [techxplore.com]

        Both countries seem to fall on the extreme range of the political spectrum with a strongman leader, where its citizens are careful to criticize. Both are large countries, and would like to dethrone the United States as the Top Superpower. So they will become the Top Superpower.

        Well, both those statements may be true, but that's not why the Russians are doing the Ransomware attacks. The ransomware is because the Russian economy fell into the toilet after the disintegration of the Soviet Union, and Russia has a lot of cleve

    • Who is the designated villain this week?

      Same as it was last week, moronic / uncaring upper IT management / company management that allows insecure systems to sprout everywhere.

      • Re: (Score:2, Interesting)

        moronic / uncaring upper IT management / company management

        Implementing routine backups does not require approval from "upper management".

        Routine backups cost almost nothing. A 2TB HDD costs $40. Get two so you can alternate.

        There was certainly incompetence at the top, but mainly because they failed to recognize incompetence at the bottom.

    • Putin says it's them (Score:4, Informative)

      by raymorris ( 2726007 ) on Wednesday June 02, 2021 @02:28PM (#61448026) Journal

      Putin says that Russia is taking actions against the United States ahead of the upcoming summit, while Russia has 100,000 troops massed it the Ukraine border.

      According to Putin, they are showing the United States that Russia can hurt the US, showing strength before the summit.

      • the Ukraine border.

        Which by pure coincidence just happens to be on the Russian border, you know, on their own territory?

    • Should be the d*ckhead(s) at Colonial Pipeline.

      YOU NEVER PAY YOU CUCKING FUNTS!!!

      Well, they did. As a result, now it's open season for American companies. Pass the popcorn.

      • They almost always apy - that's why ransomware has grown into the industry it is today. CP isn't an Outlier here.

  • by Anonymous Coward

    What systems were affected? I'm assuming Windows.

    How did the attack occur? Was it a drive-by, trojan, email, web site, something else?

    We never get any information that can help prevent these attacks. It's so frustrating and the "authorities" are not helping.

    • by Train0987 ( 1059246 ) on Wednesday June 02, 2021 @02:02PM (#61447956)

      Someone clicked something they shouldn't have in an email they got, they same way 99 out of 100 ransomware cases are caused.

      • Human Engineering.

        Don't allow users to run programs that aren't installed by IT professionals. Scan all or better yet, block all attachments from outside email.

        Do those two things, and you'll nail just about all vectors.

      • Most of our technology is based on the days when the internet was only for Academics. Allowing for each university to share with the other university. If something went down or got hacked, (which happened a lot) it wasn't that big of a deal. And normally the person who got hacked got a good laugh out of it.

      • Email-borne threats are big, of course.
        Exposed RDP is probably bigger than email-borne threats.
        Dumb passwords are right up. Either defaults and stuff like "admin", or "CompanyName2021!".

        • I wonder how many of these attacks are done by insiders.

          If you know the passwords and vulnerabilities, it would be easy to launch an attack and make it look like an outsider.

          Just don't drive your new Ferrari to work the next week.

          • In my organization, we could tell. We can see what someone does every step of the way, so we can see the difference between using your own credentials vs hacking.

            In the case of a ransomware, which requires administrative credentials:

            If we see Bill login to Bills machine with Bill's password, then login to Bill's account on the admin credential vault with Bill's 2FA, retrieve Bill's admin credential, then start deploying ransomware on the databases Bill has access to, we're going to take a good look at Bill.

            • Let me put this another way.
              Suppose you like to watch football.

              Your 12yo son has access to your coax and HDMI connections on your TV.

              So your son decides he and his friends are going to simulate your favorite team playing a game. They get dressed up in their football uniforms and play, pretending to be your favorite professional team. How long do you think you'd be fooled?

              We watch professional hackers every week, like some people watch football. We know who the teams are, and we know the difference between p

            • In my organization, we could tell.

              Sure, but organizations like yours are not being hit by these attacks.

              The organizations being hit don't even have frick'n backups. So it is unlikely they are taking any of the other precautions either.

              Bill is going to prison.

              Nope. Bill is going to quit his job and go work for the Ferry company instead.

              • > The organizations being hit don't even have frick'n backups

                You have a valid point.

                Though, only recently I asked the question "have we tested restoring the domain controllers (Active Directory)? They did not give the right answer. :)

                We've tested it twice now, only because I made that finally happen. The backup system we have is less than ideal because managers from the IT department bought it, based on a slick sales presentation, without involving IT-Sec. Which is particularly annoying because I used to

      • Nailed it. That’s how a woman infected my old job. We told her not to open zip attachments but she did anyhow. The email was even addressed from herself to herself. She had to open the zip file and then still say yes to executing the vbs script. A while later she asked why all her desktop shortcuts said LOCKY. I had nothing to do with IT there so don’t look at me for security or policies.

      • Someone clicked something they shouldn't have in an email they got

        Don't be so quick to blame the victim. I've been hoodwinked by a phishing email before. I won an auction on eBay. A few hours later, I got an email from eBay about a problem with shipping, which asked me to login to my eBay account to confirm my address, and provided a convenient link. I clicked it and logged in, then immediately realized what I might have done. Logged out, logged in directly to eBay using a different computer, and changed

    • That's because "normal people" and "the authorities" have nearly zero clues about how computers work.

    • The general audience news sites won't typically have that information because they are reporting a ransomware event that's happening right now, today. That information isn't typically known and released while the attack is ongoing.

      We'll get that information later. For the details, check the security related sites, not ABC News, BBC, Faux news, or Coumo News Network.

    • A likely vector of penetration is someone in the Steamship Authority office connected their personal laptop or home computer to the SA's network, letting the bug loose into the intranet. I'm not surprised at the number of these attacks increasing in the wake of a year and a quarter of unplanned work-at-home. Not many organizations had provided for remote working and the suddenness of the Wuhan CoronaVirus lockdowns forced so many of these tiny IT support teams to scramble and let folks just login to get wo
  • I think really only 2 solutions. National firewalls where only approved senders/receivers can go across national boundaries or all companies and individuals institute real security aggressively. Neither is going to happen.
  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Wednesday June 02, 2021 @02:33PM (#61448038) Homepage

    must stop paying out for any costs associated with ransomware - this might persuade companies to defend themselves properly.

    • They could require compliance to decent standards in order to be insured. Leaving companies unable to get insurance against all cyber attacks is unfair - some really aren't the company's fault.

      There needs to be a wider debate about paying ransoms; one idea might be that paying is done on the basis of sacking the head of IT unless he can demonstrate compliance with a certain standard. A smoking gun of a request for more resources for cyber security that the board rejects should also be a reasonable defence :

  • by FudRucker ( 866063 ) on Wednesday June 02, 2021 @02:40PM (#61448056)
    make the internet just internal, USA only, no more connections going to and from outside the USA, then when ransomware or hacking happens it can be narrowed down and the perpetrators caught much quicker. i demand action not just more reports of foreign hackers trashing people's networks for profit
    • by RedMage ( 136286 )

      So you propose... fences?? Yeah, that works. Belarus is trying that right now - go join them.

  • I initially read this as: "Ransomware Attack Disrupts Massachusetts Furries"

    On re-reading, I am much less concerned.

    Massachusetts residents, furry or not, will simply drink-beer-in-place until things are resolved.

Programmers do it bit by bit.

Working...