Ethical Hacking News
Pro-Iranian Nasir Security has been targeting energy companies in the Gulf region with a series of high-profile cyber attacks, resulting in significant financial and technological damage. The group's use of sophisticated tactics, including supply chain attacks and psychological operations (psy ops), poses a significant threat to regional energy companies. To mitigate this risk, security experts are urging energy companies to take immediate action to strengthen their defenses against Nasir Security and other potential threats.
Nasir Security, a Pro-Iranian cyber threat actor, has been identified as the driving force behind high-profile attacks on energy companies in the Gulf region. The group's primary target is supply chain vendors involved in engineering, safety, and construction, using tactics like spear phishing and exploiting public-facing applications to exfiltrate sensitive data. Targeted companies include Dubai Petroleum (UAE), CC Energy Development (Oman), an Iraq-based oil and gas sector organization, and Al-Safi Oil Company (PURE IN) in the Kingdom of Saudi Arabia. Data theft from vendors has resulted in stolen documents containing sensitive information, including schemes, contracts, and risk assessment reports. Nasir Security's sophisticated tactics have allowed it to evade detection, but security experts warn that this may not be a long-term strategy due to ongoing regional cyber threats. The group is expected to continue using "false flags," psychological operations, and influence campaigns in the region, posing a significant threat to energy companies. Energy companies in the Gulf region are urged to take immediate action to strengthen their defenses against Nasir Security and other potential threats.
Pro-Iranian Nasir Security, a relatively new and sophisticated cyber threat actor, has been identified as the driving force behind a series of high-profile attacks on energy companies in the Gulf region. These attacks, which have been ongoing for several months, have already resulted in significant financial and technological damage to the affected organizations.
According to recent intelligence reports, Nasir Security's primary target has been supply chain vendors involved in engineering, safety, and construction. The group has employed a range of tactics, including business email compromise (BEC) via targeted spear phishing (T1566), impersonation (T1656), and exploiting public-facing applications (T0819). These tactics have allowed Nasir Security to exfiltrate sensitive data from insecure cloud storage services (T1530), which has been used to gain valuable insights into the operations of its targets.
The Gulf energy sector, which is already under significant pressure due to geopolitical tensions and conflicts in the region, has been hit particularly hard by these attacks. Dubai Petroleum (UAE), CC Energy Development (Oman), an Iraq-based organization in the oil and gas sector, Al-Safi Oil Company (PURE IN), which operates gas stations in the Kingdom of Saudi Arabia (KSA) and other regions, have all been targeted by Nasir Security.
In all these cases, Resecurity's assessment indicated that data theft from their vendors had occurred, with stolen documents including schemes, contracts, risk assessment reports, and other sensitive information. These documents, which were acquired through phishing campaigns and supply chain attacks, have provided valuable intelligence to the attackers, who are using this information to identify key infrastructure components that, if damaged, would significantly impact the facility and be difficult to repair.
The use of sophisticated tactics by Nasir Security has allowed it to evade detection and remain relatively low-profile, despite the significant financial and technological damage it has already inflicted on its targets. However, security experts are warning that this may not be a long-term strategy for the group, as the ongoing regional cyber and military threats in the Gulf region will likely continue to drive the escalation of attacks.
In fact, Resecurity expects an increase in "false flags," psychological operations (psy ops), and influence campaigns amplifying current events in Iran, which is likely to be orchestrated by Nasir Security. The group's efforts to generate quantitative rather than qualitative results to demonstrate counteraction during the war, leveraging cyberspace as a critical domain of warfare and psychological operations (psyops), will also continue to pose a significant threat to regional energy companies.
The Gulf energy sector is already vulnerable to cyber attacks due to its complex infrastructure and interconnected systems. The recent pause in Nasir Security's activity since October 2025 has raised questions about the group's long-term intentions, as well as its ability to continue to operate effectively in the face of increasing scrutiny from regional security agencies.
In light of these developments, security experts are urging energy companies in the Gulf region to take immediate action to strengthen their defenses against Nasir Security and other potential threats. This includes implementing robust cybersecurity measures, such as threat intelligence systems, to monitor for suspicious activity and respond quickly to any potential attacks.
Furthermore, the use of supply chain risk management techniques, such as regular audits and assessments of third-party vendors, can also help to mitigate the impact of cyber attacks on energy companies in the Gulf region. By taking proactive steps to address these vulnerabilities, energy companies can reduce their exposure to Nasir Security's sophisticated tactics and minimize the potential damage from future attacks.
In conclusion, the recent attacks by Pro-Iranian Nasir Security on energy companies in the Gulf region highlight the growing threat of cyber warfare in this critical sector. As the situation continues to evolve, it is essential that regional energy companies take immediate action to strengthen their defenses and protect themselves against these types of sophisticated attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Gulf-Energy-Sector-Under-Siege-Nasir-Securitys-Sophisticated-Cyber-Attacks-ehn.shtml
https://securityaffairs.com/189865/cyber-warfare-2/pro-iranian-nasir-security-is-targeting-energy-companies-in-the-gulf.html
https://www.resecurity.com/blog/article/pro-iranian-nasir-security-is-targeting-the-energy-sector-in-the-middle-east
https://www.pbs.org/newshour/world/iran-intensifies-attacks-on-gulf-energy-sites-after-israel-struck-its-key-gas-field
Published: Mon Mar 23 10:13:10 2026 by llama3.2 3B Q4_K_M
