Full Report
Off-the-shelf tools helped Russian-speaking cybercrime group run riot

Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS.…
Analysis Summary
# Incident Report: AI-Augmented FortiGate Firewall Campaign
## Executive Summary
A Russian-speaking cybercrime group leveraged off-the-shelf generative AI tools to launch a high-volume attack campaign against internet-exposed FortiGate firewalls, compromising over 600 devices in 55 countries within just over a month. The attackers primarily used automated scanning and credential stuffing, enabled by AI-generated playbooks, to gain initial access, extract sensitive configuration data, and move toward core network assets like Active Directory and backup systems. The incident highlights the risk posed by threat actors using readily available AI to automate complex attack workflows at machine speed.
## Incident Details
- **Discovery Date:** Not explicitly stated; the AWS report was published on Mon 23 Feb 2026.
- **Incident Date:** Mid-January to mid-February (duration of the campaign).
- **Affected Organization:** Over 600 organizations globally (Internet-exposed FortiGate firewalls).
- **Sector:** Mixed/Varies (Opportunistic targeting across multiple regions).
- **Geography:** 55 countries across Europe, Asia, Africa, and Latin America.
## Timeline of Events
### Initial Access
- **Date/Time:** Campaign ran from mid-January to mid-February.
- **Vector:** Exploitation of internet-exposed FortiGate firewall management interfaces.
- **Details:** The group scanned externally facing FortiGate devices and employed automated credential stuffing using commonly reused or weak passwords ("trying every digital door handle at machine speed"). AI tools were used to generate attack playbooks and scripts to facilitate this automation.
### Lateral Movement
- **Date/Time:** Post-initial firewall compromise.
- **Vector:** Exploitation of configuration data obtained from the firewall.
- **Details:** After accessing the firewall, attackers downloaded configuration files which provided network topology, firewall rules, and administrator/VPN credentials. They used this mapping to move deeper into environments, targeting Active Directory, dumping credentials, and probing for opportunities to move laterally. Backup systems (e.g., Veeam servers) were also targeted.
### Data Exfiltration/Impact
- **Date/Time:** During the post-access phase.
- **Vector:** Credential harvesting and configuration theft.
- **Details:** Configuration files (containing sensitive network structure and credentials) were exfiltrated. This privileged access was then used to dump credentials from internal systems like Active Directory.
### Detection & Response
- **Date/Time:** Post-campaign activity analysis, detailed in AWS report.
- **Vector:** Security monitoring/Threat intelligence by AWS.
- **Details:** AWS security teams identified the activity and analyzed the custom, AI-generated tooling used by the threat actor. The response actions were largely focused on customer remediation advisories, emphasizing patching and hardening (as detailed further below).
## Attack Methodology
- **Initial Access:** Scanning for exposed FortiGate management interfaces and credential stuffing using weak/default passwords, augmented by AI-generated tools.
- **Persistence:** Not explicitly detailed, but gaining access to internal network maps and credentials suggests potential establishment of backdoors or use of stolen VPN/admin credentials.
- **Privilege Escalation:** Likely achieved through harvesting VPN/Admin credentials from firewall configs, providing a pathway to internal AD infrastructure.
- **Defense Evasion:** Not heavily emphasized; the strategy relied on volume and speed, abandoning targets that resisted quickly.
- **Credential Access:** Dumping credentials from Active Directory post-firewall breach.
- **Discovery:** Using harvested configuration files to map network topology and identify internal assets (AD, backups).
- **Lateral Movement:** Using harvested internal credentials to pivot from the firewall endpoint to core network infrastructure.
- **Collection:** Harvesting firewall configuration files, administrative credentials, VPN credentials, and potentially internal data from AD.
- **Exfiltration:** Configuration files and internal credentials were the primary items extracted.
- **Impact:** Gaining mapping of victim networks and access to critical internal systems, including backup infrastructure.
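As an added example (not code from the AWS report or the article), the following Python flags the login pattern described under Initial Access and Attack Methodology in FortiGate-style event logs: a burst of failed administrator logins from one source spread over several usernames, escalated when the same source then succeeds. The log lines are constructed; the field names (`srcip`, `user`, `action`, `status`) follow FortiOS key=value log conventions.

```python
import re
from collections import defaultdict

# Constructed sample lines in FortiGate-style key=value event-log format
# (field names follow FortiOS conventions; values are made up for this example).
SAMPLE_LOGS = """\
date=2026-01-20 time=03:14:01 logid="0100032002" type="event" subtype="system" level="alert" logdesc="Admin login failed" user="admin" ui="https(203.0.113.45)" srcip=203.0.113.45 action="login" status="failed" reason="passwd_invalid"
date=2026-01-20 time=03:14:02 logid="0100032002" type="event" subtype="system" level="alert" logdesc="Admin login failed" user="administrator" ui="https(203.0.113.45)" srcip=203.0.113.45 action="login" status="failed" reason="name_invalid"
date=2026-01-20 time=03:14:02 logid="0100032002" type="event" subtype="system" level="alert" logdesc="Admin login failed" user="fortinet" ui="https(203.0.113.45)" srcip=203.0.113.45 action="login" status="failed" reason="name_invalid"
date=2026-01-20 time=03:14:03 logid="0100032002" type="event" subtype="system" level="alert" logdesc="Admin login failed" user="root" ui="https(203.0.113.45)" srcip=203.0.113.45 action="login" status="failed" reason="name_invalid"
date=2026-01-20 time=03:14:04 logid="0100032001" type="event" subtype="system" level="information" logdesc="Admin login successful" user="admin" ui="https(203.0.113.45)" srcip=203.0.113.45 action="login" status="success"
date=2026-01-20 time=08:02:11 logid="0100032002" type="event" subtype="system" level="alert" logdesc="Admin login failed" user="netops" ui="https(10.20.0.7)" srcip=10.20.0.7 action="login" status="failed" reason="passwd_invalid"
date=2026-01-20 time=08:02:30 logid="0100032001" type="event" subtype="system" level="information" logdesc="Admin login successful" user="netops" ui="https(10.20.0.7)" srcip=10.20.0.7 action="login" status="success"
"""

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Split one key=value log line into a dict, stripping surrounding quotes."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}

def detect_stuffing(log_text, fail_threshold=3, min_users=2):
    """Flag sources with a burst of failed admin logins spread over several
    usernames (the stuffing pattern in the report) and note whether the same
    source later logged in successfully. Returns {srcip: finding}."""
    fails = defaultdict(list)   # srcip -> usernames that failed
    success = defaultdict(set)  # srcip -> usernames that succeeded after failing
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev.get("action") != "login":
            continue
        src, user = ev.get("srcip"), ev.get("user")
        if ev.get("status") == "failed":
            fails[src].append(user)
        elif ev.get("status") == "success" and fails.get(src):
            success[src].add(user)
    findings = {}
    for src, users in fails.items():
        if len(users) >= fail_threshold and len(set(users)) >= min_users:
            findings[src] = {"failures": len(users),
                             "users": sorted(set(users)),
                             "success_after": bool(success[src])}
    return findings
```

A single operator typo from an internal address (the `netops` lines) stays below the threshold, while the external source that cycles four account names and then succeeds is reported with `success_after` set.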
## Impact Assessment
- **Financial:** Not disclosed, but significant costs associated with remediation and potential downtime.
- **Data Breach:** Configuration files containing network architecture, administrator passwords, and VPN credentials. Potentially data accessible via compromised Active Directory.
- **Operational:** Operational disruption occurred as attackers reached internal network segments and targeted backup systems; had they taken further action, the risk of broader service disruption would have been greater.
- **Reputational:** Impact on organizations trusting FortiGate appliances, and amplified risk for managed service providers.
## Indicators of Compromise
- *IOCs not provided in the source text (Focus was on methodology and scale).*
## Response Actions
- **Containment:** Attackers reportedly abandoned targets that resisted, suggesting inherent self-containment for highly hardened environments. AWS likely triggered alerts and advisories to organizations.
- **Eradication:** Unspecified, but would require resetting all credentials exposed via firewall configs and internal AD, and patching vulnerable FortiGate instances.
- **Recovery:** Re-establishing secure network access using MFA and reviewing configurations.
## Lessons Learned
- **AI Amplification:** Off-the-shelf generative AI tools significantly lowered the barrier to entry, enabling a small group to execute a large-scale, sophisticated campaign previously requiring significant resources.
- **Volume over Finesse:** The attack demonstrated the effectiveness of automated, high-volume credential stuffing against unhardened public-facing entry points.
- **Tool Quality:** Even "rough around the edges" AI-generated tooling can be highly effective when applied broadly.
## Recommendations
- Immediately take all device management interfaces off the public internet.
- Enforce Multi-Factor Authentication (MFA) on all administrative and VPN access points, especially for firewall management.
- Eliminate the reuse or use of weak/default passwords across all infrastructure components.
- Regularly review firewall configurations and credentials, and implement network segmentation to limit lateral movement risk from perimeter devices.
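As an added example supporting the first two recommendations (not code from the report or the article), this Python audits a constructed FortiOS-style configuration excerpt for management services enabled on WAN-role interfaces and for administrator accounts without a second factor. The `allowaccess`, `role` and `two-factor` keys are real FortiOS settings; the interface and account names are made up, with `wan2` and `netops` showing the hardened form beside the weak one.

```python
# Constructed FortiOS-style excerpt for a hypothetical device: "wan1" exposes
# HTTPS/SSH management to the internet and "admin" has no second factor.
CONFIG = """\
config system interface
    edit "wan1"
        set allowaccess ping https ssh
        set role wan
    next
    edit "wan2"
        set allowaccess ping
        set role wan
    next
end
config system admin
    edit "admin"
    next
    edit "netops"
        set two-factor fortitoken
    next
end
"""

MGMT_SERVICES = {"https", "http", "ssh", "telnet"}

def parse_config(text):
    """Parse `config X / edit Y / set K V...` blocks into {section: {entry: {key: values}}}."""
    sections, section, entry = {}, None, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("config "):
            section = sections.setdefault(line[7:], {})
        elif line.startswith("edit "):
            entry = section.setdefault(line[5:].strip('"'), {})
        elif line.startswith("set ") and entry is not None:
            key, *vals = line[4:].split()
            entry[key] = vals
        elif line in ("next", "end"):
            entry = None
    return sections

def audit(text):
    """Return findings for the two recommendations a configuration shows directly."""
    cfg, findings = parse_config(text), []
    for name, a in cfg.get("system interface", {}).items():
        exposed = MGMT_SERVICES & set(a.get("allowaccess", []))
        if a.get("role") == ["wan"] and exposed:
            findings.append(f"interface {name}: management {sorted(exposed)} open to the internet")
    for name, a in cfg.get("system admin", {}).items():
        if "two-factor" not in a:
            findings.append(f"admin {name}: no second factor configured")
    return findings
```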