Cyberattacks on the rise in Jamaica and the…

Fortinet, a global leader in cybersecurity driving the convergence of networking and security, has released its 2026 Global Threat Landscape Report from FortiGuard Labs, revealing a dramatic escalation in AI-enabled cybercrime and a rapidly evolving global threat environment.

Regionally, the English-speaking Caribbean experienced 325 million cyberattack attempts in 2025, with Jamaica accounting for 46.7 million of those attempts and 7 million active scans detected. These figures highlight the island’s growing exposure within an increasingly interconnected digital landscape.

The report, based on FortiGuard Labs telemetry from 2025, underscores a fundamental shift in how cybercrime operates – no longer as isolated incidents, but as a coordinated, system-driven ecosystem where attackers compress timelines and scale operations using advanced tools, including artificial intelligence.

“Cybercrime is one of the world’s most pervasive and costly threats, and our latest report shows how malicious actors are now leveraging agentic AI to execute faster, more sophisticated attacks,” said Derek Manky, Chief Security Strategist and Global VP of Threat Intelligence at Fortinet FortiGuard Labs. “As cybercriminal capabilities evolve, defenders must match that speed with AI-enabled, industrialised security operations.”

The report finds that speed has become a defining factor in cyber risk. Time-to-exploit (TTE) has dropped significantly, with critical vulnerabilities now being targeted within 24 to 48 hours – down from an average of nearly five days in previous years. In some cases, active exploitation begins within hours of public disclosure, leaving organisations with an increasingly narrow window to respond.

Ransomware activity has also surged dramatically, with 7,831 confirmed victims globally – a 389% increase year-over-year. This spike is largely attributed to the growing availability of cybercrime-as-a-service tools such as WormGPT, FraudGPT, and BruteForceAI, which lower the barrier to entry for attackers. The manufacturing, business services, and retail sectors emerged as the most heavily targeted industries, while North America and Europe remain key geographic hotspots.

Cloud environments are facing mounting risks driven less by infrastructure vulnerabilities and more by identity-related exposures. The report reveals that most cloud breaches stem from stolen or misused credentials, with sectors such as healthcare and retail particularly vulnerable due to complex access systems and large identity footprints.

Warning of a system hacked. Virus, cyber attack, malware concept. 3d rendering.

Further insights point to the industrialisation of cybercrime operations. Today’s most advanced threat actors operate like structured enterprises, supported by shadow agents, access brokers, and botnet operators. AI-powered tools are enabling attackers to automate reconnaissance and streamline attack execution, reducing the need for technical expertise while increasing efficiency and scale.

This shift is reflected in changing attack patterns. While brute force attempts declined by 22% globally, this is not indicative of reduced threat activity. Instead, attackers are becoming more precise, using intelligent targeting to improve success rates. At the same time, exploitation attempts rose by over 25%, signalling a move toward more effective and strategic attack methods.

Data theft is also evolving. Cybercriminals are increasingly prioritising comprehensive datasets over simple credential leaks. Stealer logs – containing detailed user information and contextual data – now dominate dark web marketplaces, accounting for over 67% of shared data. This allows attackers to bypass traditional attack methods and immediately exploit compromised identities.

Credential-stealing malware continues to play a central role in this ecosystem. Variants such as RedLine, Lumma, and Vidar collectively account for millions of infections globally, reinforcing their position as key tools in generating exploitable data for cybercriminal operations.

Hacker attack computer hardware microchip while process data through internet network, 3d rendering insecure Cyber Security exploit database breach concept, virus malware unlock warning screen

In response to these escalating threats, Fortinet continues to collaborate with global partners to disrupt cybercrime networks. A recent INTERPOL-led initiative, supported by Fortinet through the World Economic Forum’s Cybercrime Atlas, resulted in the dismantling of a major cybercriminal operation targeting financial systems across Africa. Operations such as Red Card 2.0 and Serengeti 2.0 demonstrate the impact of coordinated, cross-sector action.

To further strengthen global cyber resilience, Fortinet and Crime Stoppers International have also launched the Cybercrime Bounty program, providing a secure and anonymous channel for individuals to report cyber threats and contribute to disruption efforts.

The findings of the 2026 Global Threat Landscape Report reinforce the urgent need for organizations to rethink cybersecurity strategies, invest in advanced technologies, and adopt a proactive, intelligence-driven approach to defense.