Cyber Threat Intelligence Report

Operation Kinetic-Cyber: State-Sponsored & Hacktivist Campaign Analysis

Gulf Region CTI Report documenting 150+ confirmed incidents across 30 nations and 15 critical sectors in a 48-hour window. Prepared for CISOs, CIOs, CTOs, and technical security teams. Classification: RESTRICTED — TLP:AMBER.

What's inside

• Executive summary — highest-intensity cyber campaign in the Gulf since Shamoon 2012
• Threat actor landscape — Handala Hack, DieNet, APT33, MuddyWater, CyberAv3ngers, Predatory Sparrow
• Sector-by-sector incident breakdown with triage-ready concentration risk view
• Aviation: sustained DDoS on Bahrain, Sharjah, King Khalid airports
• Finance: AI-assisted credential theft targeting Riyadh Bank, ADCB, QNB, Kuwait Finance House
• Critical infrastructure: Void Manticore wiper malware — 6–14 hour recovery windows
• Board-level recommendations and 72-hour regulatory notification guidance