Single Hacker Breached 600 Firewalls Using AI
An Amazon threat intelligence investigation detailed how a single attacker breached 600 firewalls over a five-week period by using AI-augmented tooling. The attacker leveraged Large Language Models (LLMs) to enhance reconnaissance, exploitation, and evasion efforts. The report concludes that strong security fundamentals remain the most effective defense against such advanced, automated attacks.
- The attacker, identified as a Russian-speaking and financially motivated actor, specifically targeted FortiGate firewalls. The campaign did not rely on exploiting vulnerabilities, but instead succeeded by scanning for exposed management ports and brute-forcing weak credentials that lacked multi-factor authentication. - Security researchers identified the specific commercial AI models used as Anthropic's Claude and DeepSeek. The attacker used DeepSeek to create scripts for reconnaissance and to extract configurations from compromised devices, while Claude was used to generate scripts for vulnerability assessments and to operate offensive tools. - Analysis of the attacker's custom tooling, written in Python and Go, showed clear signs of AI-assisted development. These indicators included redundant code comments, simplistic architecture, and poor error handling, suggesting the AI augmented a less-skilled actor to operate at a larger scale. - Upon breaching the firewalls, the attacker extracted full device configurations. This data included recoverable SSL-VPN credentials, administrative passwords, firewall policies, internal network maps, and IPsec VPN configurations, which were then parsed using AI-assisted scripts. - While this attack was conducted by a financially motivated actor, state-sponsored groups are also leveraging LLMs. For instance, the Chinese-backed group APT41 has used Google's Gemini to accelerate the development of malicious tools, and the Russian group APT28 has used LLMs to research satellite communication protocols for targeting purposes. - The attacker's infrastructure, hosted on a misconfigured server, was discovered to contain 1,402 files. These files included stolen firewall backups, credential dumps, vulnerability scans, and AI session artifacts, including prompt histories linked to the AI models. - This incident is part of a larger trend of AI lowering the barrier to entry for cybercrime. Tools that were once the domain of highly skilled teams are now accessible to a broader range of individuals, enabling them to automate and scale complex attack sequences. - Defenders can leverage AI-powered tools for threat detection and response to counter these attacks. Recommended defensive strategies focus on fundamentals, including implementing multi-factor authentication, consistent patch management, and network segmentation to limit lateral movement.
