Written by the Caribbean Telecommunications Union
Cognisant of the importance of maintaining well-functioning telecommunications and ICT infrastructure, Caribbean countries must continue to strengthen the resiliency of their networks against the broad range of threats to which they are vulnerable. However, doing so requires a multi-pronged approach that strengthens local and regional critical internet infrastructure, emphasises link and route diversification and redundancy, and leverages regional and international collaboration and strategic partnerships. It is almost inevitable that Caribbean countries will experience a major disaster or emergency that compromises their ICT infrastructure—it is a matter of when, not if. Improving their network resiliency will be crucial to provide critical services in the aftermath and recovery phases when they are needed most.
The Caribbean region stands at a critical juncture. Although the region’s development has accelerated thanks to its ability to leverage telecommunications and ICT, which has become a crucial economic and social driver, countries’ digital infrastructure still faces a trifecta of threats: the relentless force of adverse weather and other natural disasters, the insidious creep of cyberattacks, and accidental or intentional infrastructure damage. These vulnerabilities, often intertwined, demand a proactive, innovative, and deeply collaborative approach to make networks more resilient.
1. The Power of Mother Nature
The North Atlantic Hurricane Season, officially from the 1st June to the 30th November, is a period of heightened anxiety across the Caribbean region. Recent storms, such as Hurricane Melissa (2025), Hurricane Beryl (2024), Hurricane Dorian (2019), Hurricanes Irma and Maria (2017), and Hurricane Matthew (2016), left many countries in ruins and severely damaged much of their core infrastructure, including their telecommunications and ICT networks. In some instances, full network restoration has taken years to complete, though every year, the threat of devastation looms.
We also ought to acknowledge that the region, especially the Eastern Caribbean, experiences volcanic activity on a near-daily basis. According to The University of the West Indies Seismic Research Centre, approximately 1200 earthquakes are recorded in the Eastern Caribbean annually. Further, with 21 live volcanoes, including La Soufriѐre in Saint Vincent, which erupted in 2020 and 2021, and the submarine volcano, Kick ‘Em Jenny, located off the coast of Grenada, which last erupted in 2017, both our terrestrial and submarine infrastructure are at risk. For example, the October 2023 earthquake in Jamaica damaged two subsea fibre-optic cables, which were repaired with limited connectivity disruptions. Further, a 2015 Kick ‘Em Jenny eruption led to damage of two subsea cables, caused by a landslide and debris flow that originated from a collapse of the crater rim and flank.
Additionally, due to the heightened seismic activity in the region, we cannot overlook the potential and consequently devastating impact of tsunamis. Though not a common occurrence, with only ten confirmed earthquake-generated tsunamis in the Caribbean Basin in the past 500 years, they still ought to be taken into account when considering the resiliency of the region’s telecommunications and ICT infrastructure
2. The Silent Infiltrator: Cyber Threats on the Rise
Less visible but equally menacing is the escalating threat of cyberattacks. As Caribbean countries embrace digitalisation, their critical infrastructure, financial systems, and their citizens’ personal data have become increasingly attractive targets for malicious actors. The threat becomes even more worrisome when the efforts to deepen regional integration, such as the CARICOM Single ICT Space and, more recently, the complete freedom of movement of nationals between countries, are considered. Recent incidents, such as the ransomware attack experienced by the Telecommunications Services of Trinidad and Tobago in 2023 that resulted in the theft of personal data of over one million customers, or the cyberattack experienced by the BVI Electricity Corporation in 2024 that affected both their internal and external operations, underscore this growing peril.
Though much of our collective focus tends to be on ransomware attacks, we ought to also keep in mind that malware, denial-of-service (DoS/DDoS) attacks, phishing, and insider threats can all be disruptive to organisations and their continued operation, by taking systems offline, encrypting data or flooding networks with traffic. These attacks can render critical systems or data inaccessible, which, if they involve our telecommunications or ICT infrastructure, means that no area or segment of our societies will be spared.
3. Accidental or Intentional Infrastructure Damage
Unlike the previous threats that might appear existential in nature, from a far more powerful or remote source, all too often across the region, telecommunications and internet infrastructure are being compromised by actors much closer to home. Cable and equipment theft or damage is a frequent occurrence across the region, where many of the local telecommunications firms have reported disruptions in service due to vandalism. In Jamaica, for example, in 2022, Flow reportedly lost over USD 10 million in revenue due to vandalism and spent over USD 2 million to restore the affected facilities.
In a different vein, we must also highlight the submarine cable damage, in particular, that has occurred across the region, which has disrupted telecommunications and internet service delivery in-country. For example, a yacht trying to anchor damaged the Bahamas Domestic Submarine Network cable in The Bahamas in 2024, whilst in 2023, an anchor from a mega-yacht damaged the Eastern Caribbean Fibre System cable running to Anguilla, causing significant disruptions to internet connectivity. Further, depending on how submarine cables are laid, damage in one spot could still adversely affect multiple countries, which occurred in 2020 when a submarine cable between Antigua and Guadeloupe was damaged, but service in Dominica, Saint Lucia, Barbados, Saint Vincent and the Grenadines, Grenada, Trinidad and Tobago and Guyana was affected.
A Three-Pronged Approach to Improved Infrastructure Resilience
Addressing the above challenges to realise more resilient telecommunications and ICT infrastructure requires a strategic and integrated framework built on preparedness, innovation, and collaboration. The recommended approach consists of three strategic imperatives as outlined below.
1. Strengthen Local and Regional Critical Internet Infrastructure
As currently configured, most of the region’s internet traffic leaves the region to be routed through nodes located in North America—even if the traffic is destined for the same country from which it was transmitted. Such an approach leaves countries especially vulnerable should submarine cables be damaged due to a storm or other source.
There has thus been a growing call for Caribbean countries to invest in and maintain their own critical internet infrastructure, which would include data centres, Internet Exchange Points (IXPs) and Domain Name System (DNS) servers. These resources, when domiciled locally, properly configured and used, would allow individual countries and even the region (if so arranged) to access internet platforms and services resident or cached in-country, even if international connectivity is not available.
However, it must be emphasised that the procured critical internet resources must be properly configured and used in-country. For example, although 15 of the 20 CARICOM countries have an IXP, and most of them were installed over a decade ago, they still are not operating optimally. In some instances, although the local Internet Service Providers (ISPs) have connected to the requisite servers, little or no traffic is being routed through the exchange point; instead, it is still transmitted to nodes in Florida. On the other hand, the countries that have well-functioning IXPs, which include Grenada, Trinidad and Tobago, Curaçao, Saint Vincent and the Grenadines, and Suriname, have been experiencing continual growth in the traffic being routed through their IXPs, and consequently, lower latency and higher bandwidth capacity, and enhanced redundancy among the benefits being enjoyed.
2. Emphasise Link and Route Diversification and Redundancy
Second, a key vulnerability for Caribbean countries is international connectivity, which is primarily via fibre-optic submarine cables. However, as currently deployed, submarine cable systems in the region are generally configured in a daisy-chain manner. This structure, although economical, also means that should a break occur along the chain, the nodes (or countries) connected after the break may experience a disruption in their connectivity—unless backup or alternative routes have been established.
Further, and again focusing on the region’s submarine cable systems, even when the cables have different owners, they tend to follow similar routes, and the landing stations also tend to be in the same vicinity. Hence, the cables are likely to be exposed to the same threat and have the same vulnerability, thus limiting the redundancy they can deliver.
With new submarine cable systems continually being deployed in the region and existing ones being upgraded, policymakers should require more geographically diverse cable routes and landing stations to be established to improve infrastructure resiliency. Guidance on such matters may soon be available through the International Advisory Body for Submarine Cable Resilience, of which the Caribbean Telecommunications Union (CTU) is a member and a co-chair of one of the working groups. This advisory body, which is a partnership between the International Telecommunication Union (ITU) and the International Cable Protection Committee (ICPC), seeks “…to identify, develop, and promote government and industry best practices for submarine cable resilience…”, through international multistakeholder collaboration.
Additionally, although the general practice across the region has been to use satellite, microwave and other wireless technologies when fibre optic cables might not be tenable, the effort ought to be made to diversify the infrastructure to include wireless technologies. For example, the low Earth orbit (LEO) satellite systems that are currently eager to expand their footprint into the region ought to be welcomed. However, it means that existing policy and regulatory frameworks, which have given limited consideration to satellite or non-wire-based technologies, urgently need to be revisited.
3. Bolster Regional and International Collaboration and Strategic Partnerships
Finally, the inherent interconnectedness of Caribbean nations makes regional collaboration not just beneficial but an imperative. Organisations such as the Caribbean Disaster Emergency Management Agency (CDEMA) and the CARICOM Implementation Agency for Crime and Security (IMPACS) are central to this effort and should feature more prominently in both national and regional infrastructure resiliency initiatives.
CARICOM IMPACS implements the region’s action agenda on crime and security and is a vital resource to combat cyberthreats and cybercrime. Its Regional Intelligence Fusion Centre (RIFC) collates and shares information on threat entities, insights and warnings, thus providing countries with a basis for decision and action. It also provides training and major event support, as well as facilitates regional and international liaisons among the intelligence community. However, as the region’s agency for crime and security, the national counterpart that tends to engage CARICOM IMPACS is law enforcement, and not necessarily those with responsibility for telecommunications and ICT, which would more likely be the lead for network resilience. Hence, through the CARICOM machinery, the requisite links should be established for CARICOM IMPACS to work more closely with ministries for telecommunications and ICT and national Cybersecurity Response Teams (CSIRT) so that the intelligence and support it can provide are efficiently and effectively channelled to the resources on the ground that can best utilise them.
Further, in addition to better leveraging CARICOM IMPACS, Caribbean countries should capitalise on the forum established by the Budapest Convention on Cybercrime to “share experience and create relationships that facilitate cooperation”. At the time of writing, only Grenada and the Dominican Republic are parties to the Convention, whilst Antigua and Barbuda and Trinidad and Tobago are signatories and have been invited to accede to the Convention. As a region with relatively limited resources, and cognisant of the global threat from cybercrime plus the sophistication of the threat actors, our countries could benefit considerably from adopting a more proactive posture and harnessing the resources and expertise available through the Convention.
On the other hand, CDEMA‘s focus is on disaster and emergency management, and more specifically, the coordination of emergency response and relief efforts across the CARICOM region. Due to the prevalence of adverse weather conditions and other natural disasters, most Caribbean countries have well-established national emergency management offices—though they might not always be as well-resourced as expected.
Having said this, the telecommunication and ICT disaster management component would be one of many elements in a national emergency management response, and so may not receive the rigorous treatment or oversight that the dedicated emergency plan should provide. For the past several years, the International Telecommunications Union (ITU), through its Caribbean Office, has been encouraging and supporting countries in the preparation of a National Emergency Telecommunications Plan that provides a more comprehensive approach by addressing key areas such as risk mitigation, disaster preparedness, response and recovery. At the time of writing, few countries had completed preparation of their NETP, with others in the process or about to embark[1].
Finally, it would be remiss not to mention the Tampere Convention on the Provision of Telecommunications Resources for Disaster Mitigation and Relief Operations, which, in times of disaster, facilitates prompt international transport and use of telecommunications equipment to the affected areas by removing regulatory barriers. From a telecommunications and ICT perspective, the barriers include import restrictions, Customs clearance, and licensing and/or frequency authorisation requirements. In the Caribbean, only five countries are signatories to the Tampere Convention: Barbados, Dominica, Haiti, Saint Lucia, and Saint Vincent and the Grenadines. However, the CTU has been encouraging, and in late 2025, a resolution was made by its General Conference of Ministers that countries would sign, ratify and accede to the Convention.
Nevertheless, when the speedy conveyance of telecommunication equipment to the disaster-affected countries in the region is of the essence, the undue delays to secure and process waivers in countries that have not acceded to the Tampere Convention not only put lives at risk but could also undermine contingencies established to support countries that have experienced considerable damage to their telecommunications and ICT networks. As good neighbours, countries should ensure that they have acceded to the Convention so that when a disaster inevitably occurs, a speedy emergency response across the region can be facilitated.
In summary, the Caribbean’s journey towards a more resilient future hinges on its ability to internalise the lessons from past adversities and proactively address the evolving digital landscape, which is driving a more diversified approach, whilst also necessitating deeper harmonisation and collaboration to better manage the critical infrastructure upon which we increasingly rely. Without a doubt, one or more Caribbean countries will experience another major disaster or emergency. Though networks and equipment will be compromised, disrupting service delivery, its resilience—to still provide critical services in the aftermath and ultimately the speed of restoration—is where the true test of the resiliency of their telecommunications and internet infrastructure lies.
– END –
[1] Countries that have completed preparation of their NETP: Dominica, Grenada, Saint Kitts and Nevis, Saint Lucia, and Saint Vincent and the Grenadines. Countries in the process: Haiti and Jamaica. Countries about to embark on the process, Antigua and Barbuda, Belize, Guyana and Suriname.
—END—
The Caribbean Telecommunications Union (CTU) is an inter-governmental organisation dedicated to supporting the development of the Caribbean information and communications technologies (ICT) sector. The CTU also promotes coordination of ICT at the regional level, identifies and removes roadblocks to ICT development, keeps track of industry progress and responds to the needs of the ICT sector, all with the aim of creating a cohesive regional approach to an ICT agenda which embraces the needs of all stakeholders. The CTU is committed to ICT development that reaches the citizens of the region, creating affordable access to ICT and helping citizens to use ICT effectively to transform their lives.
For further information, please contact:
Michelle Garcia
Communications Specialist
Caribbean Telecommunications Union
E-mail: michelle.garcia@ctu.int
Website: http://www.ctu.int/
Tel: 1 (868) 628-0281, ext. 246
Cell: 1 (868) 759-4438
Fax: 1 (868) 622-6523
