Cybercriminals have targeted security systems in Jamaica over four million times in the first half of this year, a significant decline from the 43 million times recorded in 2023.
Cybersecurity experts from computer security provider in Latin America and the Caribbean, Fortinet have cautioned that the reduction should not be a source of respite for businesses and government as this is an indication that cybercriminals have become more strategic in their attacks.
“It doesn’t necessarily mean that that’s a good thing, it means that the techniques have changed, they are going with a more targeted approach whereas in the past it was more like a massive distribution of attacks,” Fortinet’s senior systems engineering manager, Emmanuel Oscar said.
“We are seeing less but the attacks are coming directly at the companies and if companies aren’t prepared to be able to address some of these attacks that are coming their way then they’ll probably end up becoming a victim,” he added.
These attacks, he noted, are increasingly targeted towards utilities companies, transportation and government.
Carlo Caloca, regional sales manager at Fortinet, explained that these companies are earmarked because they are “more robust when it comes to data and it causes more harm, so the ransom for that attack could be a higher stake”.
“So imagine the day when you wake up and you turn on the lights and there is no light, why? Because your electrical grip has been compromised,” Oscar added.
The Bureau of Standards Jamaica (BSJ) confirmed in May that a ransomware attack in February affected some aspects of the state-run agency’s service delivery. It was reported that it cost the entity US$231,900 or J$36.1 million to procure the services of two international companies to recover and secure its information and communications technology (ICT) structure.
The National Certification Body of Jamaica and the National Compliance and Regulatory Authority, which share a campus with BSJ, were also impacted by the cyberattack.
The development followed a similar “cyber incident” at the state-owned oil refinery Petrojam in December and last September’s cyberattack at the Financial Services Commission, the entity that oversees the regulation of Jamaica’s insurance, pension, and securities industries.
The team, which analysed the Caribbean’s evolving cybersecurity landscape during a press conference on Wednesday, also revealed findings from FortiGuard Labs, which highlighted that cybercriminals are exploiting vulnerabilities 43 per cent faster.
Contending that investment in cybersecurity is “not an option” for government agencies and businesses, Oscar acknowledged that some companies are reluctant to put these systems in place. He however stressed that cybersecurity systems should be considered a critical part of operations.
“A lot of times it may be something that is cost prohibitive for a lot of companies so, what we do, we work with them through the resources we have in country, we meet with customers, and help understand what there needs are, and then we work with building a plan that’s going to get them from where they are today to where they want to be,” he said.
Concurring, Oscar emphasized that cybersecurity is ultimately a business decision centered around managing risk. He stated that the average cost of a breach costs between US$4.5 million and US$9 million per year.
