AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
Summary
A Russian-speaking cybercrime group compromised over 600 internet-exposed FortiGate firewalls across 55 countries in a little over a month, utilizing off-the-shelf generative AI tools. AWS released an incident report detailing the campaign, highlighting the ease with which readily available AI can be used in cyberattacks.
IFF Assessment
The use of AI to augment cybercrime makes attacks more efficient and accessible, posing a greater threat to defenders.
Defender Context
Defenders need to be aware of the increasing use of AI by threat actors to automate and scale attacks. This incident highlights the importance of strong firewall configurations, patching, and monitoring for unusual activity. Organizations should also consider implementing AI-powered security tools to detect and respond to AI-augmented attacks.