While very little has so far been divulged about the devastating September 2023 cyberattack on Bermuda Government systems, the Cayman Islands Government has revealed that officials and AI-based defensive systems blocked hackers so completely during an attempted February attack there, that no systems were compromised.

The Caymanian Government is now expecting a detailed review and assessment of the security event from Deloitte.

Bermudians have been told little about the nature of the local cyberattack, including whether it involved ransomware, with David Burt, the Premier, insisting details will be revealed once an inquiry is complete.

The September 20 assault on Bermuda Government systems caused chaos, leaving ministers and civil servants unable to access their computers and put many services offline. Some systems were still affected weeks later.

It came just a month after a cybersecurity expert warned that Bermuda was not prepared to deal with the looming cybersecurity threat of AI.

The House of Assembly this Friday ratified supplementary estimates for the past financial year, agreeing to overspending not previously approved for the fiscal year ending at the end of this month.

The extra $32.92 million that is now a part of the 2023-2024 fiscal year budget included a bill of $4.4 million to pay for “external vendors” drafted in to restore the Government’s IT systems and tighten security after September’s attack.

The Cayman Compass is reporting a Cayman government admission that they may never know who was behind their attack, because defensive systems activated so quickly and effectively that few, if any, clues were left behind.

Government and Deloitte experts have already delivered initial reports into the attack, but the Compass said Monday the government was soon expecting the results of the more comprehensive Deloitte investigation.

The early reports concluded that “an attempted breach on February 9 was thwarted by the cybersecurity Office and no infiltration of systems or exfiltration of data took place,” the Compass reported.

Pamela Greene, the director of the government cyber and information security office, under Cayman’s Ministry of Innovation, told Radio Cayman: “Our AI-based systems detected an intrusion into our systems, and we took prompt action to halt, block, and thwart that cyber attack attempt, pretty much in line with our standard operating procedures.

“Our prompt response meant no government systems were compromised. However, as part of good governance, risk management and best practices, we engaged a third party to independently review and assess.”

An investigation remains under way by police, together with the UK’s National Crime Agency, the National Cyber Security Centre and the US Federal Bureau of Investigation.

Meanwhile, the Cayman Compass said an Innovation Ministry statement noted that authorities were still trying to determine the identities of the perpetrators: “Strict access measures are in place when it comes to data retention along with encryption protocols, regular security audits, data minimisation protocols, advanced security defence systems and next generation intrusion detection and prevention systems and rapid response.”

The statement said the government has a solid reputation globally and in the overseas territories, in particular, for the advanced and robust cybersecurity systems that are in place.

“In addition, as per common practice globally, it said the government does not discuss cyber attempts publicly because they can cause unnecessary alarm and create significant risks of exposing cyber defences.