Government continues to shamelessly hide the truth of last year’s cyberattack from the Bermudian people, and yet again attempts to dodge accountability.
On 3 May the Minister of National Security made public in the House of Assembly that Government has received a report about the cyberattack. Additionally, the Minster’s statement about cybersecurity legislation said that it “incorporates the lessons learned from the cyberattack”.
We submitted Senate questions over a week ago, asking about that report so the residents of Bermuda can find out what happened in the cyberattack, and what lessons actually were learned. However, at the last minute at the end of the working day yesterday (Tuesday), and in a stunning show of bad faith, the Government claimed that the questions should not be answered by the Ministry of National Security. Never mind it was that Minister who told the public about the report and its “lessons learned”.
Government continues to pass the buck back and forth between the Cabinet Office and the Ministry of National Security. Meanwhile residents are inundated with spam text messages and emails to previously private numbers and addresses, and left in the dark about what has happened to their personal data. And numerous Government departments seem to be setting up independent “Shadow IT” separate from the regular “gov.bm” systems.
We call on this Government to answer the following straightforward questions, among many others:
• What personal data of Bermudians was taken from Government systems by the cyber attackers?
• Was the Government able to restore its systems from regular backups according to industry best practice. If not, why not?
• How much ransom was paid, and how was it paid?
• What do the Government reports on the cyberattack say?
As this Government refuses to answer questions, while passing laws to lock up medical practitioners and financial aid recipients, it’s clear their mantra is “accountability for thee, not for me”.
Resources:
• Government Statement: https://www.gov.bm/articles/cyber-security-update
• OBA Questions: These questions were submitted to Sen. Rev. Dr. Dill, Junior Minister for National Security.
- When was the report (or reports if multiple) on the Cyberattack provided to the Government?
- Who prepared the report or reports, and on what basis?
- Who has had access to the report or reports (whether Government, the Public Service, the private sector, or other parties, in Bermuda or overseas)?