Caribbean island of Martinique dealing with cyberattack that disrupted government services

The Caribbean island of Martinique is dealing with a cyberattack that has disrupted internet access and other infrastructure for weeks.

Martinique has a population of about 360,000 and is controlled by France, serving as an outermost region of the European Union.

In a notice on May 24, the council that runs Martinique said a cyberattack “heavily disrupted the activities of the community and directly impacted users and partners.”

The notice said the attack began on May 16, forcing officials to isolate the affected systems. Cybersecurity experts were mobilized to help gradually restore their operations.

“Regarding education services, technical solutions are being set up to restore internet access to colleges and high schools. School administrators and the government are coordinating in order to ensure the smooth handling of exams. The government will make every effort to ensure the payment of social benefits,” officials said in a statement.

“Regarding financial services, the community will be able to issue new purchase orders and ensure the payment of bills. These must be filed in paper format from the mail office in Plateau Roy. Concerning aid and subsidy services, the filing of requests must be made in paper format to the office in Plateau Roy due to the unavailability of online platforms.”

The island’s government and the French Foreign Ministry did not respond to requests for comment. France’s cybersecurity agency also did not respond to inquiries.

Some government offices were closed until June 1. The government’s website is still down as of Monday.

While little information has been provided about the current state of government offices, the government published a notice about cyberattacks on Friday, writing that “several cyber attacks have targeted local communities and paralyzed their computer systems.”

France’s National Agency for Information Systems Security (ANSSI) provided several recommendations for organizations on the island, urging them to provide guides to employees about cyber hygiene and increase the use of security tools like firewalls, antivirus software and intrusion detection programs.

The notice said victims should immediately disconnect any computers suspected of being attacked from the larger network “in order to prevent the spread of the attack” — advice commonly disseminated following ransomware attacks. Victims should immediately contact their IT teams as well as the local police if they suspect an attack has occurred, the note said.

Databreaches.net first reported on Sunday that the Rhysida ransomware group took credit for attacking the island’s systems, leaking all of the stolen files – much of which appears to be government data.

The group first emerged in late May 2023 and little is known about their operations. A SentinelOne report said the group masquerades as a “cybersecurity team” attempting to help victims by “highlighting the supposed potential ramifications of the involved security issues.”

This is not the first French island territory to face off against hackers. Guadeloupe – an overseas department and region of France in the Caribbean consisting of six islands with a population of about 385,000 – dealt with a cyberattack that crippled many of the local government’s systems.