A new and highly sophisticated cyber threat has been identified in Jamaica, placing organizations across multiple sectors at risk of severe operational and financial disruption. 

The Jamaica Cyber Incident Response Team (JaCIRT) recently issued a critical alert about the emergence of FOG Ransomware, a malicious attack designed to encrypt data and extort ransom payments from affected entities. With the severity level deemed critical, businesses face heightened risks of data loss and operational paralysis.

In a live discussion held on February 28 on the ‘Beyond the Headlines‘ programme with Dionne Jackson-Miller, Symptai Consulting Limited’s director of cyber and information security, Rory Ebanks, provided critical insights into the escalating ransomware crisis.

He explained that FOG Ransomware has already compromised approximately 145 victims globally, including organisations within the Caribbean. However, it is not the only active threat—larger ransomware groups such as Akira have been aggressively targeting entities, with over 620 confirmed victims worldwide since 2023.

“What we are seeing is a growing trend of cybercriminals leveraging sophisticated methods such as social engineering to infiltrate networks,” Ebanks warned. “They gain access by tricking employees into revealing credentials or clicking malicious links, and in some cases, they even obtain compromised credentials from the dark web. Once inside, attackers can remain undetected for weeks or even months, studying the network before launching an attack.”

Beyond encryption and ransom demands, these cybercriminals use artificial intelligence to identify and extract an organization’s most sensitive data before locking them out entirely. This new level of strategic infiltration means that recovery is not just about paying a ransom but about mitigating long-term damage. Even with backups, Ebanks highlighted that attackers are now going a step further by encrypting or deleting backups themselves to cripple recovery efforts.

The discussion reinforced that Jamaican organizations cannot afford to be complacent. During the segment, Lieutenant Colonel Godfrey Sterling, director of JaCIRT, emphasized that businesses must prioritise vulnerability management, as unpatched system weaknesses are often the entry points for these attacks.

Despite the availability of cybersecurity resources, many organizations only take action after an attack has already occurred. Symptai has been committed to helping businesses in Jamaica and across the Caribbean move from a reactive to a proactive cybersecurity stance by identifying vulnerabilities, strengthening defenses, and equipping teams with the knowledge to prevent breaches before they happen.

Ebanks underscored the need for a multi-layered cybersecurity approach, advising that businesses implement robust defences, including strong password policies, multi-factor authentication, dark web monitoring, and regular security assessments. However, technology alone is not enough – staff awareness and training remain one of the most critical factors in preventing breaches. “At the core of this issue is the human factor,” he noted. “Cybersecurity is not just an IT problem; it is an organisational responsibility.”

The recent alert is a stark warning that Jamaican businesses are active targets in a rapidly evolving cyber threat landscape. With ransomware groups operating at an unprecedented scale, organizations must shift their approach from reactive to proactive cybersecurity measures. The time to act is now.