~ “I did not know the Prosecutor or Police were busy with any investigation on the hack and I still don’t know today.~”
PHILIPSBURG:--- On Sunday the Prosecutors Office and KPSM said in a joint press release that the Prosecutors Office has submitted a report to the Government of St. Maarten regarding the Black Byte hack that took place on March 17th, 2022. The release states that the report stems from the Freya investigation which includes interviews with staff members of NV GEBE and the RST.
On June 1st SMN News asked the Minister of VROMI Egbert Jurendy Doran at the weekly press briefings for an update on the findings of the prosecutor’s office on the hack and NV GEBE and if anyone would be held responsible for putting the company at risk.
Minister Doran said then that he hadn’t met with the Prosecutor’s office, and he was not aware of any criminal investigations taking place. He said he only heard about such investigations when SMN News queried about it.
When told that the government had indicated on several occasions that an investigation was ongoing and for that reason, information could not be divulged. Even Prime Minister Silveria Jacobs said that the investigation was taking place by the National Security (VDSM). Jacobs said that a discussion had taken place with VDSM and police and the shareholder did request an investigation by VDSM. Jacobs said she did not know if SMN News reporter got confused with the statements she probably made in the absence of the Minister of VROMI.
Several employees of NV GEBE expressed concerns after the hack and said that they were suspicious of the hack and its timing. The workers who prefer to remain anonymous said that for the fear of victimization they are not able to come forward and felt that the investigators needed to launch a criminal investigation in order to obtain the information they need in order to take action against the perpetrators of the hack when they are identified.
On Sunday Prosecutor’s Office and KPSM made their findings known, SMN News contacted the Minister of VROMI reminding him of the questions on June 1st on the floor of the press conference and the release made on Sunday. Doran maintained that he still does not know of any investigation done by the Prosecutor’s office. The Minister said he did not back then and he still does not know of the investigation that was carried out. "I did not know then and I still don't know today." He further explained that he was made aware of the report when it was published on Sunday and it was forwarded to him. “ I do not even know of the report that was presented and who it was presented to because nothing was given to me up today. I do not know if this report will be a discussion point on Tuesday when the Council of Ministers meet for their weekly meeting.”
Later on Sunday Minister Doran said that after double-checking his email he realized an email was sent on Friday and he did not read the report yet.
According to the press release the purpose of submitting the “Freya” investigation report to the St. Maarten government centers on the security risks that have occurred at GEBE as a result of the March 17 incident. The report is also intended to enable the authorities (read government and its related entities) to take appropriate measures.
During the investigation, OM St. Maarten and KPSM were unable to establish sufficiently the actual danger to Sint Maarten due to the hack.
NV GEBE did not cooperate with investigators.
Due to NV GEBE's non-cooperative attitude, there had been no access to the hacked computer system at any time. Therefore, the “Freya” investigation could not establish what were the exact risks for the country and clients of GEBE; who was behind the attack, and the dangers for the future.
On 17 March 2022, a cyber-attack was discovered on GEBE. A message in the computer system indicated that the company had been hacked by “Black Byte”, an organization that focuses on stealing and encrypting data, mainly from companies (ransom ware). As a result of the hack, the entire customer database, financial data and other business data was encrypted.
Sint Maarten's vital infrastructure is the foundation of society. The interconnectivity, small scale and dependence on country’s infrastructure mean that the failure of vital infrastructure, such as the only energy company, has an immediate social impact.
Recently, two major cyber-attacks have hit the vital infrastructure of Sint Maarten. In September 2021, there was a cyber-attack on the Central Bank of Curacao and Sint Maarten (CBCS) and on GEBE. In the past (2018), the Government of Sint Maarten suffered a ransom ware attack whereby the public tasks could not be performed temporarily.
Ransom ware or hostage software is the most common and lucrative form of cybercrime worldwide. Attacks occur daily and the ransoms demanded regularly run into millions of dollars. The extortion of organizations earns criminal groups hundreds of millions of dollars. It causes great damage to the victims and has a socially disruptive effect.