CSIRT-CAN – Centro de Respuesta a Incidentes de Seguridad de Canarias

Report an incident

If you have detected any suspicious activity, attempted fraud or cyber attack, notify us immediately. Our specialized incident response team will analyze the case, take the necessary measures to contain the threat and alert the community to prevent its propagation.

  • There are four different types of priorities to categorize an incident.

    Incident priorities are usually classified into four main categories:

    • Priority 1 (Critical): Incidents that cause a total service outage or affect a large number of users. They require immediate attention and rapid resolution.
    • Priority 2 (High): Incidents that significantly impact service performance or affect a considerable group of users, but do not cause a total outage. They need a quick response.
    • Priority 3 (Medium): Incidents that have a moderate impact on the service or affect a limited number of users. Resolution is important, but not urgent.
    • Priority 4 (Low): Incidents that have minimal impact on the service and affect few users. They can be addressed within a longer timeframe.

  • An event is considered an incident if any of the following situations are detected:

    Unauthorized access: includes all types of unauthorized entry and operations on systems, both successful and unsuccessful:

    Successful unauthorized access without visible damage to technological components.
    Information theft.
    Information deletion.
    Information alteration.
    Recurrent and non-recurrent attempts of unauthorized access.
    Abuse and/or misuse of internal or external IT services that require authentication.


    Malicious code (malware): includes the introduction of malicious code into the technological infrastructure:

    Computer viruses.
    Trojans.
    Computer worms.


    Denial of Service (DoS): events that cause the loss of a particular service.

    Scanning, testing, or attempts to obtain information from the network or a specific server: events that seek to gather information about the technological infrastructure:

    • Sniffers (software used to capture information traveling across the network).
    • Vulnerability detection.

    Misuse of technological resources: events that compromise technological resources due to misuse:

    • Misuse and/or abuse of internal or external IT services.
    • Violation of Internet access policies.
    • Misuse and/or abuse of the Entity’s email system.
    • Violation of regulated information security policies, standards, and procedures.

  • If you suspect that you are facing an information security incident, immediately contact CSIRT-CAN using this form:

Report an incident
CAPTCHA
Image CAPTCHA
Get new captcha!
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.