Resecurity has identified Nasir Security, a likely Iranian-aligned threat actor that targets vendors and contractors supporting Middle East energy firms to conduct supply chain attacks and psychological operations. By compromising third parties and releasing limited samples while overstating exfiltration volumes, the group amplifies perceived impact and collects authentic infrastructure documents that could enable future destructive attacks. #NasirSecurity #DubaiPetroleum
Key points
- Nasir Security targets smaller vendors and contractors to bypass the defenses of state-owned energy companies.
- The group exaggerates stolen data volumes and releases only sample files to maximize psychological impact and uncertainty.
- Common tactics include business email compromise, impersonation, exploitation of public-facing apps and insecure cloud storage, and credential harvesting from platforms like FortiGate Cloud and FortiEdge Cloud.
- Authentic documents acquired through these attacks provide blueprints that could enable more destructive future operations and long outages.
- Resecurity warns enterprises to accelerate third-party monitoring and conduct rigorous vendor risk assessments to close supply chain gaps.
Read More: https://securityonline.info/nasir-security-middle-east-energy-supply-chain-attack-propaganda/