Video: Premier Updates On Cyber-Attack

October 16, 2023

[Updated] Premier David Burt is holding a press conference to provide an update on the ongoing restoration of services following the cyber incident. Further information will be available later, and in the meantime, you can watch the live video below.

Update: The Premier said, “The forensic review of the attack and its impact continues, but there has not been a forensic confirmation of an exfiltration of data. Notwithstanding the fact that this has not been forensically confirmed, there is circumstantial evidence that data may have been taken, and we are working on that assumption with the Government’s privacy team to ensure that impacted parties can be notified.

“In the wake of this incident, our teams within IDT have implemented new tools to further strengthen our security posture to greatly reduce the possibility of such an incident happening in the future.”:

Update: The Premier’s full statement follows below:

I’m joined today by the Minister of National Security, the Hon. Michael Weeks, and the Minister for the Cabinet Office and Tourism, the Hon. Vance Campbell.

Last month, the Government of Bermuda was the victim of a highly sophisticated and methodical cyber- attack that caused significant disruption to our IT systems. From the first moment that this cyber-attack was discovered, technical officers, Public Service leaders, and Ministers have been working relentlessly and taking every measure possible to address this incident, restore Government systems safely, and ensure that the people of Bermuda have access to the services required to be provided by the Government of Bermuda.

Prior to this sophisticated attack, the Government had been engaged in a purposeful process enhancing the security of the Government’s IT infrastructure. IDT had implemented enhanced security measures and crafted an IDT security strategy, structured patch management and backup strategies. The teams at IDT were in the process of implementing new monitoring tools to gain further insights into our IT infrastructure. IDT had recently completed a full-risk assessment of our internal systems and completed a security plan, including strategies to combat cyber-attacks. In addition, we launched user awareness and cyber phishing programs to enhance our security further.

However, despite these proactive efforts – which were ongoing – the Government of Bermuda’s IT network fell victim to a malicious attack. The scale of this attack was unprecedented and not comparable to previous cyber-attacks that the Government of Bermuda has experienced.

As stated previously, not all government systems were impacted during this attack. Some of this was due to the structure of our network, where some systems are isolated, and the rest was due to the execution of the cyber-response plan, where all systems are taken offline to reduce the opportunity for any malicious programmes to spread through our IT infrastructure.

Following these initial actions, the Government immediately engaged the Bermuda Police Service and partnered with a high-level cybersecurity specialist team to contain, eradicate, and remediate the threat. The forensic review of the attack and its impact continues, but there has not been a forensic confirmation of an exfiltration of data.

Notwithstanding the fact that this has not been forensically confirmed, there is circumstantial evidence that data may have been taken, and we are working on that assumption with the Government’s privacy team to ensure that impacted parties can be notified.

In the wake of this incident, our teams within IDT have implemented new tools to further strengthen our security posture to greatly reduce the possibility of such an incident happening in the future.

I must reiterate that this was a sophisticated and methodical attack, and restoring Government data and systems has been a monumental and complex task that has required patience and attention to detail.

Thanks to the continued hard work of technical officers, I am happy to provide the following service updates.

  • The Department of Planning website and self-service portal were back online as of Thursday, October 12 th
  • The Judiciary IT systems (JEMS) are back online as of Thursday, October 12th
  • Electronic Border Control systems are operational, and the e-gates are working at LF Wade International Airport as of Friday, October 13th
  • The Government cashiers on the first floor of the Government Administration Building also were able to accept credit card payments last week in addition to cheques and cash that they have been accepting for the past few weeks.
  • The BermudaJob Board is back online, and also the Government careers website which were both restored over the weekend.
  • Most email services have been restored for Government users, and we are working through some challenges to ensure that all users can access current and historical email.
  • The Department of Immigration is fully online, and work will conclude today to ensure they are able to print all documentation and issue new permits.
  • Government phones were brought online last week. However, there are some outages today which are unrelated to the cyber-attack.
  • Financial Assistance Computer systems were restored early last week, enabling the processing of various payments necessary for the vulnerable in our community.
  • Post Office Systems have been restored, and mail processing for international mail resumed last week.
  • The Office of the Tax Commissioner is online and is accepting payments as normal, as is e-Tax.
  • The Government also put out a reminder that today is the tax filing deadline for payroll tax, and all payments can be made in the normal fashion.
  • The E1 System, which is the Government’s main accounting system, was brought back online last week. The system itself was not subject to the attack. However, there is a difference between a system being impacted versus the access to those systems being impacted. That was restored last week, and controllers were able to access the system to begin reconciling data against all of the manual work that has taken place over the last few weeks.
  • The Customs IT systems known as CAPS was also restored last week. We are now working with external vendors and our local banks to restore connectivity to the Government’s network – to ensure the timely processing of payments based upon the enhanced security measures that have been placed on our network.

As systems come back online, the Government appreciates the continued patience of the public, as
public officers deal with a significant backlog following the inability to access most systems for the past 3
weeks.

The Government’s target for full restoration of all services and all departments and persons is the end of this week, and all IT teams, both internal and external vendors, are working towards that goal.

I thank all the technical officers, or as we have recently termed them, Team Public Service, who have been working around the clock over the last few weeks to restore our systems and enhance our IT security. And thank all of those officers who have been working to keep services functioning often in different circumstances, having to revert back to manual processes.

Within each Ministry, remarkable endurance and adaptability have been shown to continue serving the public despite the limited access to tools and systems. The dedication demonstrated over these last few weeks is a testament to the resilience of our public service and our island.

In today’s world of social media, I recognise that it is easy for the facts to be distorted and for rumours to spread rapidly based on misinformation. However, I want to be clear: this cyber-attack was directed at the Government of Bermuda. It was not an attack on any particular political party or individual but on the IT systems used by the Government to serve the people of Bermuda and support the economy of Bermuda.

Technology plays a pivotal role in our everyday lives. It is essential in education, business, healthcare, public administration and Government affairs. With that in mind, this Government decided some time ago to move Cyber Security for the country under the remit of the Minister of National Security, recognising the national safety implications of cybersecurity in the modern world.

This cyber-attack was treated as a matter of national security, and it was incumbent upon the Government to act accordingly in all forums. It was vital that we did not share information that could further incentivise our attackers (whom we had
to assume were always watching and listening) and compromise our restoration efforts. I know that, at times, this was frustrating for the public, but it was essential to the ongoing investigation and the restoration of our systems.

Once our systems are fully restored, and services have returned to normal operations, the Government will initiate a full enquiry into the matter, and in my view, the best place for this to be will be via the parliamentary process so that government backbenchers and opposition members can participate. I will discuss this with the Speaker of the House and the leader of the opposition and work with them to establish an appropriate parliamentary committee to look into this matter.

As I close, I want to thank the public for their patience and their cooperation. I want to stress that the people of Bermuda can be reassured knowing that the Government continues to work diligently and purposefully in our restoration and recovery.

There is still work to be done, but I am both grateful and proud of all the progress made by technical officers restoring Government systems and look forward to more systems coming back online in the coming days and reaching our target of full restoration by the end of this week. Thank you.

click here Bermuda generic 2023 cycber-attack

Read More About

Category: All, News, Videos

Comments (3)

Trackback URL | Comments RSS Feed

  1. Ringmaster says:

    Clearly, and despite an IT expert as Premier, the Government’s IT systems were woefully outdated. No doubt there were plans to form committees to look into this problem over the years, but nothing was actually done. To have the system hacked at 10pm but not noticed until the next morning is proof of how woefully inadequate the system and controls were.

    • Joe Bloggs says:

      Alternatively, with nearly $4 Billion in current account debt, roughly the same again in unfunded pension liabilities and a decision to cease paying into the sinking fund so that we will not have any money to pay our debt when the principal falls due, it is possible that the PLP Government took the decision that Bermuda cannot afford to pay for high end cyber security.

  2. Hilarious! says:

    I laughed so hard after the first few minutes that I fell off my chair and missed the part where people were fired for not doing their jobs.

    People did get fired, right? Has any seen Bermuda’s Chief Information Officer Whatshisname?