What the Fortinet FortiGate Campaign Reveals About Modern Firewall Blind Spots

A recent incident analyzed by Amazon Threat Intelligence is a useful case study in how the security equation is shifting. A Russian-speaking, financially motivated threat actor compromised 600+ Fortinet FortiGate devices across 55+ countries from Jan. 11 to Feb. 18, 2026, and notably, without exploiting a FortiGate software vulnerability. Instead, the campaign succeeded by targeting the basics: internet-exposed management ports, weak credentials, and single-factor authentication, then using generative AI to accelerate nearly every phase of the operation.
Cybersecurity Dive’s write-up captures the practical takeaway: generative AI can give a novice operator outsized impact by making well-known techniques easier to execute, easier to scale, and faster to repeat.
This maps directly to the thesis in MixMode Threat Research's earlier post, "The Rise of AI-Driven Cyberattacks: Accelerated Threats Demand Predictive and Real-Time Defenses": AI compresses the window defenders have to notice early behaviors, and it increases the volume of attempts that any single team must withstand.
What happened (and why it matters)
Amazon’s report is clear about what made this campaign stand out:
- No zero-day was required. The actor abused exposed interfaces and weak authentication rather than exploiting a software flaw.
- AI was used as force multiplication. The actor leveraged multiple commercial GenAI tools to help plan operations, write scripts, and scale workflows across targets.
- Post-access objectives looked ransomware-adjacent. Amazon observed follow-on activity that included compromising Active Directory environments, extracting credential databases, and targeting backup infrastructure, all common precursors to ransomware.
- The attacker favored “soft targets.” When they encountered hardened environments or stronger defenses, they moved on rather than adapting.
That last point is the operational shift defenders should internalize. When offense becomes cheaper and faster, “good enough” access attempts can be repeated across thousands of organizations. The result is not necessarily more sophisticated intrusions. It is more intrusions, and more of them succeeding because they only need one weak point.
Just as important, this pattern is not unique to Fortinet. Over the past year, CISA advisories and the National Vulnerability Database have repeatedly highlighted perimeter and edge device risks across multiple major vendors. The specific names change. The underlying exposure pattern does not.
This is exactly the “acceleration” dynamic described in MixMode’s AI-driven cyberattacks blog: automation at machine speed, scalability across many targets, and shortened response windows.
Risks Associated with Firewalls as a Singular Control
The firewall is not irrelevant here. In fact, the attacker’s focus on firewall configuration files shows the opposite: perimeter devices remain high-value because they can contain administrator accounts, credential material, network architecture, VPN settings, and policy logic.
But this campaign highlights a frequent misconception that a firewall is “the control” rather than “a control.”
Across the industry, organizations still place implicit trust in perimeter enforcement. This is the recurring risk pattern. Whether the advisory mentions Fortinet, Palo Alto, Cisco, or another major vendor, the lesson is consistent: no single active control should be treated as inherently trustworthy or self-sufficient.
Once an attacker reaches an exposed management plane and obtains credentials, the security problem shifts from perimeter enforcement to questions like:
- Who is authenticating to management interfaces, from where, and how often?
- Are configuration exports or reads occurring at unusual times or from unusual sources?
- Is there subsequent reconnaissance from the firewall outward into internal address space?
- Do we see early-stage behaviors that indicate pivoting (new scans, new service discovery, new east-west traffic)?
- Are there signals of credential harvesting, directory enumeration, or backup access that suggest ransomware staging?
These are fundamentally questions of behavior and context. In today’s AI-accelerated threat landscape, focusing first on early indicators of attack is critical, because by the time obvious indicators of compromise appear, the compressed timeline of modern intrusions often means defenders are already behind.
Threat Actors Remain Ahead of the Industry in AI Utilization
A subtle but important detail from Amazon was that their analysts inferred that some of the attacker’s code bore common hallmarks of AI-assisted development (for example, redundant comments and simplistic architecture), and that the tooling sometimes failed under edge cases.
That is instructive. The threat actor was not demonstrating elite tradecraft. They were using AI to reduce friction:
- Convert goals into step-by-step plans
- Generate scripts for parsing and organizing stolen configuration data
- Automate target selection and prioritization
- Rapidly iterate on “good enough” tooling across a wide victim set
This is the threat model shift MixMode Threat Research recently described: as AI lowers the barrier to entry, defenders should assume higher attack volume and faster execution, even when adversaries are not highly skilled.
Defensive implications: treat “management plane exposure” as an incident type, not a misconfiguration ticket
Amazon’s guidance leads with fundamentals like disabling unnecessary internet exposure, improving credential hygiene, MFA, and segmentation. Those are table stakes.
But the practical challenge is that organizations can do many of those things and still face an uncomfortable reality:
- Exposure can reappear through change, drift, acquisitions, and emergency access paths.
- Credentials can be weak in one corner of an estate, even when policy exists.
- MFA can be inconsistently applied across management interfaces, VPN paths, and legacy workflows.
- The “first successful access” may look like routine admin activity unless you can baseline and detect behavioral deviation.
This is why prevention controls alone are not enough. A locked steel door still needs a camera on both sides. The same principle applies to firewalls and other perimeter technologies. Enforcement must be paired with independent visibility that can validate what is actually happening.
So the problem becomes: How quickly can you detect and triage the earliest abnormal behaviors that suggest management-plane abuse is turning into internal compromise?
This is the same “compressed window” issue called out in this Threat Research report, where IOAs (behavioral signals) become the key to acting in time.
A practical detection lens for incidents like this
If you are thinking about “firewall plus what,” here is a technical lens that aligns to the campaign Amazon described:
1) Management interface behavior (pre-compromise and early compromise signals)
- Authentication attempts that diverge from baseline (time-of-day, source geography, rate patterns)
- New administrative sessions or changes in administrative workflow
- Unexpected configuration exports, reads, or decrypt/parse activity patterns downstream
2) Recon and service discovery after foothold
- Port scanning from unusual hosts or newly observed sources
- Expansion of scan scope across internal ranges
- New “inventory-like” enumeration behaviors that map to target selection
3) Pivot behaviors that signal real intent
- Directory service touchpoints consistent with AD discovery and credential database targeting
- New access paths to backup infrastructure, especially if access patterns shift quickly
- Lateral movement signals that appear shortly after perimeter management access
4) Hardened environment “bounce” is also a signal
Amazon notes the actor moved on when facing stronger defenses.
From a detection perspective, that means: quick, shallow intrusion attempts across many targets. Your advantage is early detection and rapid containment, not waiting for deep persistence.
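The questions in the "Risks Associated with Firewalls as a Singular Control" section (who is authenticating to management interfaces and from where, whether configuration exports follow, whether the firewall starts scanning inward) and the four-part detection lens above describe the same behavioral chain. The Python below is an added example that turns that chain into runnable triage logic; it is not MixMode's, Amazon's or Fortinet's code. The event lines are constructed in a simplified key=value format, the field names (`type`, `user`, `src`, `dst`, `dport`, `status`) and the thresholds are assumptions rather than any vendor's log schema, and 10.20.0.1 stands in for the firewall's inside interface.

```python
"""Behavioural triage for management-plane abuse.

Added example, not MixMode's, Amazon's or Fortinet's code. Event lines are
constructed in a simplified key=value format; field names and thresholds are
assumptions, not a vendor log schema."""
from collections import defaultdict
from datetime import datetime, timedelta

BASELINE_END = datetime(2026, 1, 10)    # assumed split: earlier events define "normal"
FAIL_BURST = 3                          # failures from one source within BURST_WINDOW ...
BURST_WINDOW = timedelta(seconds=60)    # ... followed by a success = single-factor guessing
EXPORT_WINDOW = timedelta(minutes=10)   # config export this soon after a flagged login
SCAN_FANOUT = 5                         # distinct (dst, port) pairs from one source ...
SCAN_WINDOW = timedelta(minutes=2)      # ... within this window = scan-like fan-out

# Constructed events: routine baseline logins, then a password-guessing burst on a
# built-in account, a config export, outward scanning from the firewall, and an
# off-hours login from a never-seen source.
SAMPLE_LOG = """\
ts=2026-01-05T09:02:11 type=admin_login user=netops src=10.20.0.15 status=success
ts=2026-01-06T09:15:40 type=admin_login user=netops src=10.20.0.15 status=success
ts=2026-01-07T17:48:02 type=admin_login user=netops src=10.20.0.16 status=success
ts=2026-01-12T03:11:05 type=admin_login user=admin src=198.51.100.7 status=failure
ts=2026-01-12T03:11:06 type=admin_login user=admin src=198.51.100.7 status=failure
ts=2026-01-12T03:11:08 type=admin_login user=admin src=198.51.100.7 status=failure
ts=2026-01-12T03:11:09 type=admin_login user=admin src=198.51.100.7 status=success
ts=2026-01-12T03:12:30 type=config_export user=admin src=198.51.100.7
ts=2026-01-12T03:14:01 type=conn src=10.20.0.1 dst=10.20.1.10 dport=445
ts=2026-01-12T03:14:05 type=conn src=10.20.0.1 dst=10.20.1.11 dport=445
ts=2026-01-12T03:14:09 type=conn src=10.20.0.1 dst=10.20.1.12 dport=445
ts=2026-01-12T03:14:13 type=conn src=10.20.0.1 dst=10.20.1.13 dport=445
ts=2026-01-12T03:14:17 type=conn src=10.20.0.1 dst=10.20.1.14 dport=445
ts=2026-01-12T09:30:00 type=admin_login user=netops src=10.20.0.15 status=success
ts=2026-01-13T22:05:00 type=admin_login user=netops src=203.0.113.9 status=success
"""


def parse(line):
    """One key=value line -> dict; ts becomes a datetime."""
    ev = dict(kv.split("=", 1) for kv in line.split())
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def load(text):
    return [parse(l) for l in text.splitlines() if l.strip()]


def build_baseline(events):
    """Per admin account: source IPs and hours seen in successful logins before BASELINE_END."""
    base = defaultdict(lambda: {"src": set(), "hours": set()})
    for ev in events:
        if ev["type"] == "admin_login" and ev["status"] == "success" and ev["ts"] < BASELINE_END:
            base[ev["user"]]["src"].add(ev["src"])
            base[ev["user"]]["hours"].add(ev["ts"].hour)
    return base


def detect(events):
    """Walk post-baseline events in order and emit findings for the lens above."""
    base = build_baseline(events)
    findings, flagged_logins, scan_alerted = [], [], set()
    recent_fail = defaultdict(list)   # src -> timestamps of failed admin logins
    conn_hist = defaultdict(list)     # src -> [(ts, (dst, dport))] seen within SCAN_WINDOW
    for ev in (e for e in events if e["ts"] >= BASELINE_END):
        if ev["type"] == "admin_login":                     # 1) management-interface behaviour
            user, src = ev["user"], ev["src"]
            if ev["status"] != "success":
                recent_fail[src].append(ev["ts"])
                continue
            reasons = []
            if sum(ev["ts"] - f <= BURST_WINDOW for f in recent_fail[src]) >= FAIL_BURST:
                reasons.append("brute_force_then_success")
            if user not in base:
                reasons.append("unbaselined_admin_account")
            else:
                if src not in base[user]["src"]:
                    reasons.append("new_admin_source")
                if ev["ts"].hour not in base[user]["hours"]:
                    reasons.append("off_hours_admin_login")
            if reasons:
                flagged_logins.append((ev["ts"], user, src))
                findings.append({"ts": ev["ts"], "rule": "+".join(reasons), "user": user, "src": src})
        elif ev["type"] == "config_export":                 # config read right after a flagged login
            if any(u == ev["user"] and s == ev["src"] and ev["ts"] - t <= EXPORT_WINDOW
                   for t, u, s in flagged_logins):
                findings.append({"ts": ev["ts"], "rule": "config_export_after_anomalous_login",
                                 "user": ev["user"], "src": ev["src"]})
        elif ev["type"] == "conn":                          # 2) recon / service discovery
            hist = conn_hist[ev["src"]]
            hist.append((ev["ts"], (ev["dst"], ev["dport"])))
            hist[:] = [h for h in hist if ev["ts"] - h[0] <= SCAN_WINDOW]
            targets = {h[1] for h in hist}
            if len(targets) >= SCAN_FANOUT and ev["src"] not in scan_alerted:
                scan_alerted.add(ev["src"])               # alert once per scanning source
                findings.append({"ts": ev["ts"], "rule": "internal_scan_fanout",
                                 "src": ev["src"], "targets": len(targets)})
    return findings


if __name__ == "__main__":
    for f in detect(load(SAMPLE_LOG)):
        print(f["ts"].isoformat(), f["rule"], {k: v for k, v in f.items() if k not in ("ts", "rule")})
```

The routine `netops` login on the morning of Jan. 12 produces nothing, while the guessing burst on the built-in `admin` account, the configuration export 81 seconds later, the fan-out to five internal hosts on port 445, and the off-hours login from an unseen source each surface as a finding. Chaining the export rule to an already-flagged login is the point: a configuration read by a known admin at a normal hour is routine, the same read minutes after an anomalous login is the start of the intrusion chain the post describes.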
This strategy is consistent with MixMode’s argument that predictive and real-time analytics are required to keep pace with AI-accelerated operations.
How MixMode Bolsters Firewalls, Undermining Threat Actor Advantages
Firewalls enforce policy and segment traffic. They are essential. But the FortiGate campaign is a reminder that control does not equal visibility, and visibility does not equal prioritization.
If your environment is already built around perimeter controls and log sources, MixMode’s “value add” is best framed as:
- Behavioral baselining for early IOAs: Detect deviations in network and authentication behaviors that do not map neatly to static rules or known signatures, aligning to the “IOA-first” need in AI-accelerated attacks.
- Real-time network visibility: Identify suspicious scanning, pivoting, and unusual east-west activity early, when the attack is still shallow and containable.
- Correlation for faster triage: Tie together network behaviors and relevant logs so analysts can determine whether “management access” is routine admin work or the start of an intrusion chain.
As AI lowers the barrier to entry and increases the speed of intrusion, organizations must assume that exposure, misconfiguration, and credential abuse will be tested continuously and at scale. The FortiGate campaign is not an outlier. It is a preview of how modern attacks will increasingly unfold.
Perimeter controls remain essential, but they are no longer sufficient on their own. Defenders need continuous behavioral visibility that can surface early signals of attack, prioritize real risk, and enable teams to respond before routine access quietly becomes an enterprise-wide compromise.
