AWS Threat Intel Finds 600+ FortiGate Devices Hit 

AWS Threat Intel found AI was used to hack 600+ FortiGate devices.

Written by Ken Underhill, Feb 23, 2026

A financially motivated cybercriminal has used commercial generative AI tools to compromise more than 600 FortiGate devices across 55 countries — without exploiting specific software vulnerabilities.

This “… campaign succeeded by exploiting exposed management ports and weak credentials with single-factor authentication, fundamental security gaps that AI helped an unsophisticated actor exploit at scale,” said CJ Moses, CISO of Amazon Integrated Security in his post. 

Inside the AI-Driven FortiGate Attacks

This campaign highlights a growing reality in cybersecurity: AI is lowering the barrier to entry for cybercrime. 

According to Amazon Threat Intelligence, the threat actor — believed to be a Russian-speaking, financially motivated individual or small group — used multiple commercial LLM services to scale established attack techniques across hundreds of potential targets. 

Rather than developing sophisticated new exploits, the actor relied on automation and AI-assisted scripting to amplify well-known methods, turning common weaknesses into opportunities for large-scale compromise.

The intrusion chain began with systematic scanning for exposed FortiGate management interfaces. 

The actor targeted commonly used management ports, including 443, 8443, 10443, and 4443, identifying internet-facing devices that should not have been publicly accessible. 

From there, the threat actor attempted authentication using reused, weak, or default credentials, targeting accounts secured only by single-factor authentication.

The approach was straightforward but effective. Once authenticated, the attacker downloaded full FortiGate configuration files. 

These files contain sensitive information, including:

  • SSL-VPN credentials (with recoverable passwords)
  • Administrative account credentials
  • Firewall policies and routing rules
  • Network topology details and IPsec configurations

With this data in hand, the actor used AI-assisted Python scripts to parse and decrypt configuration files, extract credentials, and map internal network environments.  

After gaining visibility into internal systems, the attacker moved laterally. 

Activity included Active Directory reconnaissance and DCSync attacks using available tools such as Meterpreter and Mimikatz to obtain NTLM password hashes. 

This allowed the actor to escalate privileges and expand control within compromised environments.

Backup infrastructure — particularly Veeam Backup & Replication servers — was also deliberately targeted. 

These systems are valuable to financially motivated actors because they often store privileged credentials and represent a critical control point in ransomware operations. 

By compromising backup infrastructure, attackers can both extract additional credentials and weaken an organization’s ability to recover from a destructive attack.

Importantly, the actor did not demonstrate advanced exploit development capabilities. When confronted with patched systems or hardened environments, they struggled. 

Amazon researchers observed repeated failures when the actor attempted to exploit known vulnerabilities such as CVE-2019-7192 and CVE-2023-27532.

Rather than adapt or engineer new techniques, the actor typically abandoned hardened targets and shifted focus to more vulnerable ones.


Strengthening Cyber Resilience in the Age of AI

As AI makes it easier to automate and scale common attack techniques, organizations should expect threat actors to operate more efficiently and at higher volume. 

Addressing this shift requires consistent execution of security fundamentals, layered controls, and ongoing validation — not just one-time fixes. 

  • Eliminate internet exposure of management interfaces, restrict administrative access to trusted networks and enforce MFA for all VPN and privileged accounts.
  • Strengthen credential hygiene by rotating administrative and VPN credentials, eliminating password reuse, enforcing strong password policies and deploying privileged access management to remove standing domain admin privileges.
  • Segment networks to limit lateral movement, isolate domain controllers and backup infrastructure, and apply zero trust principles with least-privilege and just-in-time access controls.
  • Harden Active Directory by restricting DCSync permissions, disabling legacy authentication protocols where possible and closely monitoring replication-related and privilege escalation activity.
  • Enhance logging, telemetry and behavioral monitoring to detect anomalous VPN activity, configuration file exports and credential abuse, and leverage AWS tools.
  • Secure and isolate backup infrastructure, patch backup software, protect credential stores and implement immutable backups to preserve recovery capabilities.
  • Regularly test and refine incident response plans through tabletop exercises that simulate credential abuse and AI-augmented attack scenarios to ensure rapid detection, containment and recovery.
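The logging recommendation above maps directly onto the observed intrusion chain: a burst of failed administrator logins from one address, a successful login from outside the trusted management range, and a configuration backup shortly afterwards. The detector below is an added example written for this article, not Amazon's or Fortinet's code. It runs over constructed FortiGate-style event log lines (the `date`, `time`, `user`, `ui`, `action`, `status` and `logdesc` fields are modelled on FortiGate key=value logs, but the sample lines and their exact wording are made up, and the trusted management range `10.0.0.0/8` and the five-failures-in-five-minutes threshold are assumptions to tune per environment) and raises the four alerts a SOC would want from that sequence.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Assumptions: trusted admin source range and brute-force threshold (tune per site).
TRUSTED_ADMIN_NETS = [ipaddress.ip_network("10.0.0.0/8")]
FAIL_THRESHOLD = 5
FAIL_WINDOW = timedelta(minutes=5)

# Constructed sample log lines in FortiGate key=value style (not real device output).
SAMPLE_LOGS = """\
date=2026-02-20 time=09:01:02 type="event" subtype="system" level="warning" logdesc="Admin login failed" user="admin" ui="https(198.51.100.23)" action="login" status="failed" msg="Administrator admin login failed from https(198.51.100.23) because of invalid password"
date=2026-02-20 time=09:01:05 type="event" subtype="system" level="warning" logdesc="Admin login failed" user="admin" ui="https(198.51.100.23)" action="login" status="failed" msg="Administrator admin login failed from https(198.51.100.23) because of invalid password"
date=2026-02-20 time=09:01:09 type="event" subtype="system" level="warning" logdesc="Admin login failed" user="fortinet" ui="https(198.51.100.23)" action="login" status="failed" msg="Administrator fortinet login failed from https(198.51.100.23) because of invalid password"
date=2026-02-20 time=09:01:14 type="event" subtype="system" level="warning" logdesc="Admin login failed" user="backup-admin" ui="https(198.51.100.23)" action="login" status="failed" msg="Administrator backup-admin login failed from https(198.51.100.23) because of invalid password"
date=2026-02-20 time=09:01:20 type="event" subtype="system" level="warning" logdesc="Admin login failed" user="backup-admin" ui="https(198.51.100.23)" action="login" status="failed" msg="Administrator backup-admin login failed from https(198.51.100.23) because of invalid password"
date=2026-02-20 time=09:01:40 type="event" subtype="system" level="information" logdesc="Admin login successful" user="backup-admin" ui="https(198.51.100.23)" action="login" status="success" msg="Administrator backup-admin logged in successfully from https(198.51.100.23)"
date=2026-02-20 time=09:02:15 type="event" subtype="system" level="information" logdesc="Configuration backed up" user="backup-admin" ui="https(198.51.100.23)" action="backup" status="success" msg="Configuration is backed up to file"
date=2026-02-20 time=10:15:00 type="event" subtype="system" level="information" logdesc="Admin login successful" user="admin" ui="https(10.0.5.12)" action="login" status="success" msg="Administrator admin logged in successfully from https(10.0.5.12)"
"""

KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
UI_IP_RE = re.compile(r"\(([^)]+)\)")


def parse_event(line: str) -> Optional[Dict[str, object]]:
    """Turn one key=value log line into a dict with a parsed timestamp and source IP."""
    fields = {k: (q if q else u) for k, q, u in KV_RE.findall(line)}
    if "date" not in fields or "time" not in fields:
        return None
    ts = datetime.strptime(f"{fields['date']} {fields['time']}", "%Y-%m-%d %H:%M:%S")
    m = UI_IP_RE.search(fields.get("ui", ""))
    src = m.group(1) if m else fields.get("srcip", "unknown")
    return {**fields, "ts": ts, "src": src}


def is_trusted(ip: str) -> bool:
    """Unparseable addresses are treated as untrusted."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_ADMIN_NETS)


def detect(lines: List[str]) -> List[Dict[str, str]]:
    """Emit alerts for password guessing, admin logins from untrusted sources,
    a success that follows a guessing burst, and configuration exports."""
    failures: Dict[str, List[datetime]] = defaultdict(list)
    alerts: List[Dict[str, str]] = []

    def alert(rule: str, ev: Dict[str, object]) -> None:
        alerts.append({"rule": rule, "src": str(ev["src"]),
                       "user": str(ev.get("user", "")), "time": ev["ts"].isoformat()})

    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        ip, ts = str(ev["src"]), ev["ts"]
        recent = [t for t in failures[ip] if ts - t <= FAIL_WINDOW]
        if ev.get("action") == "login" and ev.get("status") == "failed":
            recent.append(ts)
            failures[ip] = recent
            if len(recent) == FAIL_THRESHOLD:  # fire once per burst
                alert("password_guessing", ev)
        elif ev.get("action") == "login" and ev.get("status") == "success":
            if not is_trusted(ip):
                alert("admin_login_untrusted_source", ev)
            if len(recent) >= FAIL_THRESHOLD:
                alert("login_after_guessing", ev)
        if ev.get("action") == "backup" or "backed up" in str(ev.get("logdesc", "")).lower():
            alert("config_export", ev)
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LOGS.splitlines()):
        print(a)
```

The `config_export` rule fires unconditionally because a configuration download is rare for a healthy device and is the event that hands an attacker the SSL-VPN and IPsec material described earlier; the other rules key on source address and failure history, so the trusted-range login in the last sample line produces no alert.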

Collectively, these measures help reduce the potential blast radius of a breach and strengthen organizational resilience.


AI Lowers the Barrier to Cybercrime

The campaign highlights an important takeaway for defenders: the greater risk with genAI is not necessarily advanced zero-day exploits, but the efficient automation of well-known attack techniques. 

As generative AI tools become more widely available, actors with low to moderate skill levels can more easily scale the abuse of credentials, misconfigurations, and exposed services, increasing the volume and speed of routine intrusion attempts.

In this AI-powered attack environment, organizations are reexamining their security architectures and adopting zero-trust solutions to eliminate implicit trust, restrict lateral movement, and better contain the impact of credential-driven attacks.

Ken Underhill

Ken Underhill is an award-winning cybersecurity professional, bestselling author, and seasoned IT professional. He holds a graduate degree in cybersecurity and information assurance from Western Governors University and brings years of hands-on experience to the field.

eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved
