🛡️ Security Bulletin – CSIRT-CAN
Edition: May 2025

✉️ Editorial
We close May with the first edition of the CSIRT-CAN Security Bulletin – your trusted source for staying informed about the latest developments in cybersecurity. This month, we highlight key advances in the digital protection of our institutions, relevant cases across the islands, and practical tips for your digital safety.

🏛️ News from the Canary Islands

🆕 CSIRT-CAN is born: The first Cybersecurity Center in the Canary Islands
The Government of the Canary Islands has officially launched CSIRT-CAN, a pioneering center that will support over 95 local entities across the archipelago, with 26 entities included in the initial phase. With an investment of €7.49 million, the center aims to strengthen prevention, detection, and response to cybersecurity incidents.
Key functions include:
• Real-time threat monitoring
• Training and cyber exercises for public sector staff
• Technical assistance and audits to comply with the National Security Framework

🚨 Pyramid scheme dismantled in Gran Canaria
The Guardia Civil has dismantled a pyramid scheme operating in the islands, affecting dozens of individuals. The operation, named MORGHULIS, was led by the Equipo@ unit in Gran Canaria. Citizens are reminded to be cautious of investment offers promising quick and risk-free returns.

🌐 Cybersecurity Trends

• Increase in malware attacks targeting public administrations
There has been a rise in attempts to infect systems with malicious software, particularly in public entities across the Canary Islands.

• Identity fraud on social media
Cases of fake profiles attempting to deceive users to obtain personal data or commit fraud continue to rise.

🛑 Key Alerts of the Month

• Phishing campaigns impersonating local banks
• Fake emails from the Tax Agency with malicious attachments
• Fraudulent mobile apps posing as public services

🧳 Cybersecurity in Your Free Time

With summer approaching, remember:
• Avoid connecting to public Wi-Fi networks without protection
• Use a VPN when accessing sensitive services from abroad
• Turn off Bluetooth when not in use

📌 CSIRT-CAN Recommendations

• Enable two-factor authentication on all your services
• Keep your devices updated
• Be wary of urgent messages requesting personal information

🎯 Hackron 2025: Santa Cruz de Tenerife becomes the cybersecurity hub of the Canary Islands

📍 On May 29, the Auditorio de Tenerife Adán Martín hosted the 12th edition of Hackron, the leading cybersecurity conference in the Canary Islands. The event brought together top-tier experts and professionals to discuss current and future digital challenges.

💡 A highlight of the day was the presentation by CSIRT-CAN. Guadalupe González, General Director, shared insights into the regional management of cyber incidents, the center’s response capabilities, and the emerging challenges facing the Canary Islands’ digital ecosystem. Her talk underscored the strategic role of public cybersecurity teams.

📅 Agenda Highlights:
· Analysis of current threats such as ransomware and generative AI risks
· Keynotes by leaders like Hazel Diez Castaño (Banco Santander) and Sandra Bardon (United Nations)
· Roundtable: “Tenerife Tourism – Check-out from the hotel, check-in to the dark web” with tourism and legal experts
· CTF-style practical challenges for Blue Teams
· Presentation of tools and best practices for businesses, citizens, and the public sector

🚀 The event was supported by the City Council of Santa Cruz de Tenerife, the Government of the Canary Islands, and the Cabildo of Tenerife, as part of an ambitious cybersecurity investment plan exceeding €2 million.