How did generative AI enable FortiGate breaches?
The nature of the campaign
Amazon disclosed that a Russian‑speaking attacker used generative AI as part of a rapid campaign that successfully compromised more than 600 FortiGate firewalls across roughly 55 countries in a five‑week span. The breaches moved at machine speed and hit a wide range of targets, suggesting the attacker automated large portions of reconnaissance, exploit development, and deployment.
What is known and what remains unclear
Available details confirm two central facts: the campaign’s scope (hundreds of appliances across dozens of countries) and that generative AI was a component of the attacker’s toolkit. It is still unclear exactly which steps were fully automated by AI and which relied on human operators; Amazon’s analysis shows AI was used to scale tasks, but the precise mechanics (whether it authored exploit payloads, crafted spearphishing messages, or automated lateral‑movement scripts) have not been fully published.
Observed patterns and implications
- Rapid tailoring: the attacker appeared to adapt payloads quickly, a hallmark of AI‑assisted generation.
- Volume and speed: dozens of targets were compromised in short windows, indicating automation removed traditional bottlenecks.
- Cross‑border impact: the campaign’s reach underscores how automated tooling amplifies geopolitical risk.
Defensive takeaways
- Prioritize patching and hardening of edge devices like VPNs and firewalls; many incidents exploit known CVEs.
- Assume automation in adversary toolkits: increase telemetry, anomaly detection, and network segmentation to limit blast radius.
- Invest in incident playbooks that account for rapid, AI‑accelerated intrusion timelines.
Attackers’ use of generative models means defenders must accelerate their own response cycles. Faster detection, stricter access controls, and routine firmware hygiene are now as critical as traditional perimeter defenses.