AI Let ‘Unsophisticated’ Hacker Breach 600 FortiGate Firewalls, AWS Says, As AI Lowers ‘The Barrier’ For Threat Actors

By CRN
February 23, 2026

More than 600 Fortinet FortiGate firewalls were compromised by “unsophisticated” cybercriminals who used off-the-shelf generative AI tools to scale the attack across 55 countries, according to a new incident report from Amazon Web Services.

“What’s significant is how AI enabled this actor to operate at scale, generating attack plans, developing tools, and automating operations in ways that would have previously required substantial resources and technical expertise,” said Stephen Schmidt, senior vice president and chief security officer at Amazon, in a LinkedIn post.

The Amazon Threat Intelligence report said the attacker was a Russian-speaking individual or small group with limited technical capability and no apparent ties to any state-sponsored threat group.

“This is part of a pattern we’re seeing where AI is lowering the barrier to entry for threat actors,” the Amazon CSO said.


“It’s making certain types of attacks more accessible to less sophisticated actors who can now leverage AI to enhance their capabilities and operate at greater scale,” he added.

The cyberattack ran from January 11 to February 18, 2026, and compromised over 600 FortiGate devices across 55 countries in Africa, Asia, Latin and North America, and Europe.

CRN reached out to Fortinet for comment on the report, but Fortinet had not responded by press time.

Threat Actors’ Usage Of AI

The attackers used several commercial generative AI (GenAI) services to implement and scale well-known attack techniques in every phase of the operation, according to AWS.

The hackers used at least two commercial LLMs to plan the attacks, generate tools, and assist with the operation, including duration and success rate assessments.

“These plans reference academic research on offensive AI agents, suggesting the actor follows emerging literature on AI-assisted penetration testing,” said CJ Moses, chief information security officer and vice president of security engineering at AWS, in the security report.

“The AI produces technically accurate command sequences, but the actor struggles to adapt when conditions differ from the plan,” Moses said.

The threat actor used AI to generate comprehensive attack methodologies complete with step-by-step exploitation instructions, expected success rates, time estimates, and prioritized task trees.

Unsophisticated Hacker ‘Successfully Compromised Multiple Organizations’ Environments’

AWS said the actor used multiple AI services in complementary roles: one served as the primary tool developer, attack planner, and operational assistant, and a second was used as a supplementary attack planner when the actor needed help pivoting within a specific compromised network.

“They are likely a financially motivated individual or small group who, through AI augmentation, achieved an operational scale that would have previously required a significantly larger and more skilled team,” said Moses.

“Yet, based on our analysis of public sources, they successfully compromised multiple organizations’ Active Directory environments, extracted complete credential databases, and targeted backup infrastructure, a potential precursor to ransomware deployment,” Moses said.

The hackers’ infrastructure contained numerous scripts in multiple programming languages “bearing hallmarks of AI generation, including configuration parsers, credential extraction tools, VPN connection automation, mass scanning orchestration, and result aggregation dashboards,” according to the AWS report.

How The Cyber Criminals Did It

The threat actor scanned for FortiGate management interfaces exposed to the internet and attempted to log in with commonly reused credentials. No vulnerability exploitation was needed: access came from weak and reused passwords.

Where a login succeeded, the actor harvested the device configuration, which is where FortiGate stores VPN user accounts and other credentials, and used AI-assisted Python scripts to parse, decrypt and organize these stolen configurations.

Once VPN access to a victim network was gained, the attackers deployed a custom reconnaissance tool, likely developed with AI services, with versions written in both Go and Python.

Inside victim networks, the threat actor relied on open-source offensive tooling: Meterpreter for domain compromise, standard network poisoning tools, remote command execution on Windows hosts, and exploitation attempts against known vulnerabilities in Veeam Backup & Replication servers.

“Notably, when this actor encountered hardened environments or more sophisticated defensive measures, they simply moved on to softer targets rather than persisting, underscoring that their advantage lies in AI-augmented efficiency and scale, not in deeper technical skill,” Moses said.

“Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale—a trend Amazon Threat Intelligence has been tracking closely,” said Moses.

AWS said its own infrastructure was not involved in the campaign and that no exploitation of FortiGate vulnerabilities was observed: every compromise traced back to credential abuse against exposed management interfaces.
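The initial-access pattern described above, a single source trying a short list of reused credentials against many exposed FortiGate management interfaces, is visible in the firewalls’ own admin-login event logs. The script below is an added example (not code from the AWS report or from Fortinet) that parses FortiGate-style key="value" event lines and flags a source that sprays several usernames, touches several devices, or logs in successfully after a run of failures. The sample lines, the `devname` field and the thresholds are constructed for illustration; check the field names against the log format your own appliances emit before running this on production data.

```python
"""Detect credential spraying against FortiGate admin interfaces from event logs.

Added example: the log lines below are constructed and only loosely modeled on
FortiGate key="value" event records. Field names (logdesc, user, srcip, devname,
action, status) are assumptions to verify against your own log export.
"""
import re
from collections import defaultdict

# Constructed sample: one internet source (203.0.113.7) works through a short
# reused-credential list against two devices and finally gets in as "admin";
# an internal operator (198.51.100.4) mistypes once and then succeeds.
SAMPLE_LOGS = """\
date=2026-01-12 time=03:14:01 devname="FGT-BRANCH-01" logdesc="Admin login failed" user="admin" srcip=203.0.113.7 action="login" status="failed"
date=2026-01-12 time=03:14:02 devname="FGT-BRANCH-01" logdesc="Admin login failed" user="fortinet" srcip=203.0.113.7 action="login" status="failed"
date=2026-01-12 time=03:14:03 devname="FGT-BRANCH-01" logdesc="Admin login failed" user="maintainer" srcip=203.0.113.7 action="login" status="failed"
date=2026-01-12 time=03:14:09 devname="FGT-BRANCH-02" logdesc="Admin login failed" user="support" srcip=203.0.113.7 action="login" status="failed"
date=2026-01-12 time=03:14:11 devname="FGT-BRANCH-02" logdesc="Admin login successful" user="admin" srcip=203.0.113.7 action="login" status="success"
date=2026-01-12 time=08:00:00 devname="FGT-BRANCH-01" logdesc="Admin login failed" user="jsmith" srcip=198.51.100.4 action="login" status="failed"
date=2026-01-12 time=08:00:30 devname="FGT-BRANCH-01" logdesc="Admin login successful" user="jsmith" srcip=198.51.100.4 action="login" status="success"
"""

# key=value or key="value with spaces"
KV_RE = re.compile(r'(\w+)=("([^"]*)"|(\S+))')


def parse_line(line):
    """Turn one key=value / key="value" event line into a dict of strings."""
    fields = {}
    for m in KV_RE.finditer(line):
        fields[m.group(1)] = m.group(3) if m.group(3) is not None else m.group(4)
    return fields


def detect_spraying(log_text, min_users=3, min_devices=2, min_failures=3):
    """Return {srcip: finding} for sources that look like a credential spray.

    A source is flagged when it has failed logins for >= min_users distinct
    usernames, or has hit >= min_devices distinct devices, or succeeds after
    >= min_failures failures (the signature of a reused password finally
    matching). Events are processed in file order, which is assumed to be
    chronological.
    """
    state = defaultdict(lambda: {"users": set(), "devices": set(),
                                 "failures": 0, "successes_after_failures": []})
    for raw in log_text.splitlines():
        ev = parse_line(raw)
        if ev.get("action") != "login" or "srcip" not in ev:
            continue
        s = state[ev["srcip"]]
        s["devices"].add(ev.get("devname", "?"))
        if ev.get("status") == "failed":
            s["failures"] += 1
            s["users"].add(ev.get("user", "?"))
        elif ev.get("status") == "success" and s["failures"] >= min_failures:
            s["successes_after_failures"].append(
                (ev.get("devname", "?"), ev.get("user", "?")))

    findings = {}
    for src, s in state.items():
        sprayed = len(s["users"]) >= min_users or len(s["devices"]) >= min_devices
        if sprayed or s["successes_after_failures"]:
            findings[src] = {
                "distinct_usernames_tried": len(s["users"]),
                "devices_touched": sorted(s["devices"]),
                "failures": s["failures"],
                # (device, user) pairs that need an immediate credential reset
                "likely_compromised": sorted(s["successes_after_failures"]),
            }
    return findings


if __name__ == "__main__":
    for src, f in detect_spraying(SAMPLE_LOGS).items():
        print(src, f)
```

In a SOC this would run over the aggregated syslog feed from every FortiGate, because the signal is one source touching many devices, which no single appliance sees. Any `likely_compromised` pair is a credential to rotate now and a device whose configuration should be treated as stolen.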

What FortiGate Customers Need To Do

AWS said customers running FortiGate appliances should take immediate action by ensuring management interfaces are not exposed to the internet.

The report also says customers need to change all default and common credentials on FortiGate appliances, including administrative and VPN user accounts.

Other actions that should be taken include: auditing for password reuse between FortiGate VPN credentials and Active Directory domain accounts; implementing multi-factor authentication for all VPN access; and rotating service account credentials.
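The first two recommendations above, no management access from the internet and no weak VPN accounts, can be checked directly against a FortiGate configuration backup. The script below is an added example, not code from AWS or Fortinet, with a small parser for the `config` / `edit` / `set` / `next` / `end` structure of FortiGate CLI configs and three audit rules: admin protocols (`http`, `https`, `ssh`, `telnet`) in `allowaccess` on an interface whose `role` is `wan`, administrator accounts with no `trusthost` restriction, and password-type local users without `two-factor`. The configuration text is constructed; the `ENC REDACTED` values stand in for the encrypted secrets a real backup contains. The parser flattens nested sub-blocks by name and is sufficient for these three sections, not a complete FortiOS config parser.

```python
"""Audit a FortiGate config backup for exposed management and weak VPN users.

Added example. The config below is constructed; the three audit rules map to
the hardening steps in the article (management not internet-exposed, admin and
VPN credentials hardened, MFA for VPN access).
"""
import shlex

SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set role wan
        set allowaccess ping https ssh
    next
    edit "internal"
        set role lan
        set allowaccess ping https ssh
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
        set password ENC REDACTED
    next
    edit "netops"
        set accprofile "super_admin"
        set trusthost1 10.0.0.0 255.255.255.0
        set password ENC REDACTED
    next
end
config user local
    edit "vpn-alice"
        set type password
        set two-factor fortitoken
        set passwd ENC REDACTED
    next
    edit "vpn-bob"
        set type password
        set passwd ENC REDACTED
    next
end
"""

# Protocols in `allowaccess` that grant administrative access (ping, fgfm,
# fabric etc. are left out of this rule on purpose).
ADMIN_PROTOCOLS = {"http", "https", "ssh", "telnet"}


def parse_fortigate_config(text):
    """Parse CLI-style config into {section: {entry: {key: [values]}}}.

    Section-level `set` lines (blocks without `edit`) land under entry "".
    Nested `config` blocks inside an `edit` are recorded under their own
    section name, i.e. flattened, which is enough for the rules below.
    """
    sections = {}
    stack = []  # [section_name, current_entry] per open block
    for raw in text.splitlines():
        parts = shlex.split(raw)
        if not parts:
            continue
        kw = parts[0]
        if kw == "config":
            name = " ".join(parts[1:])
            sections.setdefault(name, {})
            stack.append([name, None])
        elif kw == "edit" and stack:
            stack[-1][1] = parts[1]
            sections[stack[-1][0]].setdefault(parts[1], {})
        elif kw == "set" and stack and len(parts) >= 2:
            sec, ent = stack[-1]
            sections[sec].setdefault(ent or "", {})[parts[1]] = parts[2:]
        elif kw == "next" and stack:
            stack[-1][1] = None
        elif kw == "end" and stack:
            stack.pop()
    return sections


def audit(sections):
    """Return a list of human-readable findings, one per violated rule."""
    findings = []
    for name, attrs in sections.get("system interface", {}).items():
        exposed = ADMIN_PROTOCOLS & set(attrs.get("allowaccess", []))
        if name and "wan" in attrs.get("role", []) and exposed:
            findings.append(f"interface {name}: admin protocols {sorted(exposed)} "
                            f"allowed on WAN-role interface")
    for name, attrs in sections.get("system admin", {}).items():
        if name and not any(k.startswith("trusthost") for k in attrs):
            findings.append(f"admin {name}: no trusthost restriction")
    for name, attrs in sections.get("user local", {}).items():
        if name and attrs.get("type") == ["password"] and "two-factor" not in attrs:
            findings.append(f"local user {name}: password only, no two-factor")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_fortigate_config(SAMPLE_CONFIG)):
        print(finding)
```

The password-reuse check between VPN users and Active Directory that the report also recommends cannot be done from the config alone, since the stored secrets are encrypted; it is done by forcing a reset of every VPN account and by enforcing a policy that those accounts are not the same as domain logins.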

“AI is changing security on both sides of the equation, but organizations that combine strong security fundamentals with AI-powered tools are well-positioned to stay ahead,” Amazon’s CSO Schmidt said.
