Mad Liberator: How GenAI Breached 600 Firewalls

In a span of just five weeks, a single Russian-speaking threat actor compromised over 600 FortiGate firewalls across 55 countries. They didn’t rely on a sprawling team of engineers or a zero-day exploit that nobody had ever seen before. They simply used generative AI to handle the heavy lifting.

Amazon Web Services (AWS) recently released findings linking this activity to a persona known as “Mad Liberator.” While the use of AI in cyberattacks is often discussed in theoretical terms, this campaign offers concrete proof of its utility to attackers. The attacker used Large Language Models (LLMs) not to invent a master key, but to write the scripts that automate the tedious work of looting a network.

For SMBs relying on Fortinet infrastructure, this signals a shift in how fast you need to react to known vulnerabilities.

The AI Wasn’t the Weapon, It Was the Assistant

There is a misconception that hackers are using ChatGPT to write code that magically bypasses modern encryption. That is not what happened here.

The initial entry point was standard fare: the attacker targeted unpatched FortiGate devices exposing SSL VPN interfaces. Once they identified a vulnerable target, the “AI” component came into play. The attacker used generative AI services to write Python scripts designed to interact with the compromised firewall’s command-line interface (CLI).

These scripts handled the post-exploitation tasks:

  • Creating a new local user account to maintain access.
  • Checking for active sessions.
  • Exfiltrating configuration data.

The AI acted as a force multiplier. It took the manual labor out of the intrusion, allowing one person to scale their operation from a handful of targets to hundreds in roughly a month. They automated the interaction so they wouldn’t have to type commands manually into 600 different terminals.
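From the defender's side, the three post-exploitation steps listed above each leave a trace in the firewall's own event log, so they can be watched for together. The following is an added example, not code from the original post and not Fortinet's own tooling: a small Python detector that runs over constructed FortiGate-style key=value event log lines and raises a high-severity finding when an admin login from outside the management network is followed, within a short window, by creation of a new local admin account and a configuration backup. The key=value layout is the general FortiGate syslog shape, but the specific field values (`cfgpath="system.admin"`, `action="Add"`, `action="backup"`), the sample lines, and the trusted management network 10.0.0.0/8 are assumptions made for this example; compare them against your own device's logs before relying on them.

```python
"""Flag FortiGate-style event log lines matching the pattern described above:
an admin login from an unexpected source, a new local admin account, and a
configuration backup/export close together in time.

Added example (not from the original post or from Fortinet).  Field names
follow FortiGate's key=value syslog layout; the sample lines, the specific
action/cfgpath values and the trusted network are constructed assumptions."""
import ipaddress
import re
from datetime import datetime
from typing import List, Optional, Tuple

KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
UI_IP_RE = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\)")

# Assumption for the example: administrators only log in from this network.
TRUSTED_MGMT_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample log lines (invented users, addresses and descriptions).
SAMPLE_LOGS = [
    'date=2024-06-01 time=02:14:07 type="event" subtype="system" '
    'logdesc="Admin login successful" user="admin" ui="https(203.0.113.10)" '
    'action="login" status="success"',
    'date=2024-06-01 time=02:14:31 type="event" subtype="system" '
    'logdesc="Object attribute configured" user="admin" ui="https(203.0.113.10)" '
    'action="Add" cfgpath="system.admin" cfgobj="svc_backup" '
    'msg="Add system.admin svc_backup"',
    'date=2024-06-01 time=02:15:02 type="event" subtype="system" '
    'logdesc="Config backup" user="admin" ui="https(203.0.113.10)" '
    'action="backup" msg="Config file backed up"',
    'date=2024-06-01 time=09:30:00 type="event" subtype="system" '
    'logdesc="Admin login successful" user="admin" ui="https(10.0.0.5)" '
    'action="login" status="success"',
]


def parse_line(line: str) -> dict:
    """Turn one key=value log line into a dict; quoted values are unquoted."""
    return {key: quoted or bare for key, quoted, bare in KV_RE.findall(line)}


def source_ip(record: dict) -> Optional[ipaddress.IPv4Address]:
    """Pull the client address out of a ui="https(1.2.3.4)" style field."""
    match = UI_IP_RE.search(record.get("ui", ""))
    return ipaddress.ip_address(match.group(1)) if match else None


def is_trusted(ip: Optional[ipaddress.IPv4Address]) -> bool:
    return ip is not None and any(ip in net for net in TRUSTED_MGMT_NETS)


def event_time(record: dict) -> datetime:
    return datetime.fromisoformat(f'{record["date"]} {record["time"]}')


def classify(record: dict) -> Optional[str]:
    """Map one record to a finding label, or None if it is uninteresting."""
    action = record.get("action", "")
    if action == "login" and record.get("status") == "success":
        ip = source_ip(record)
        return None if is_trusted(ip) else f"admin login from untrusted source {ip}"
    if record.get("cfgpath") == "system.admin" and action == "Add":
        return f"new local admin account created: {record.get('cfgobj')}"
    if action == "backup" or "backup" in record.get("logdesc", "").lower():
        return "configuration backup/export"
    return None


def scan(lines: List[str], window_minutes: int = 30) -> List[Tuple[str, str, str]]:
    """Return (timestamp, user, label) findings.  An untrusted login followed by
    both an admin-account creation and a config export inside the window adds
    one extra HIGH finding, reported once per untrusted login."""
    findings: List[Tuple[str, str, str]] = []
    untrusted_login_at: Optional[datetime] = None
    added_admin = exported = False
    for line in lines:
        record = parse_line(line)
        label = classify(record)
        if label is None:
            continue
        ts = event_time(record)
        stamp = ts.isoformat(sep=" ")
        findings.append((stamp, record.get("user", "?"), label))
        if label.startswith("admin login from untrusted"):
            untrusted_login_at, added_admin, exported = ts, False, False
        elif untrusted_login_at is not None and (ts - untrusted_login_at).total_seconds() <= window_minutes * 60:
            added_admin = added_admin or label.startswith("new local admin")
            exported = exported or label.startswith("configuration backup")
            if added_admin and exported:
                findings.append((stamp, record.get("user", "?"),
                                 "HIGH: untrusted login, admin account added and config exported"))
                added_admin = exported = False
    return findings


if __name__ == "__main__":
    for stamp, user, label in scan(SAMPLE_LOGS):
        print(f"{stamp}  {user:<8} {label}")
```

Run against the constructed lines, the detector reports the untrusted login, the account creation and the backup individually and then the combined HIGH finding; the later login from 10.0.0.5 produces nothing. Feeding it a real syslog export is a matter of replacing `SAMPLE_LOGS` with the file's lines and adjusting `TRUSTED_MGMT_NETS` to the networks your administrators actually use.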

The Timeline Is Shrinking

This efficiency creates a specific problem for IT teams: the window between “vulnerability announced” and “mass exploitation” is closing.

In the past, script kiddies needed time to find exploit code on the dark web, figure out how to use it, and then manually execute it against targets. Sophisticated groups had the skills but often lacked the manpower to hit thousands of small businesses simultaneously. Generative AI bridges that gap.

If an attacker can generate a functional exfiltration script in 30 seconds by prompting an LLM, they can move from scanning to data theft before most administrators have even read the patch notes.

The Hard Truth About Your Firewalls

Here is the uncomfortable reality: If your edge devices are reachable from the public internet, they are being scanned every single day. Security through obscurity died years ago, but AI-driven automation has buried it.

The specific campaign tracked by AWS didn’t target high-value enterprise giants exclusively. It swept up anyone with a vulnerable FortiGate appliance. If you are a small business in Southwest Florida, your IP address looks exactly the same to a scanner as a Fortune 500 company’s satellite office.


What You Need to Change

Many organizations treat firewall firmware updates like server patches—something to be tested, scheduled for a maintenance window, and rolled out weeks later. That cadence is too slow for edge security devices in 2024.

Recommendation: Automate the patching of edge security devices, or delegate it to a managed team that applies updates within 48 hours of release.


There is a trade-off here. Aggressive patching carries operational risk. An update might break a specific VPN configuration, interrupt a remote user’s session, or cause an unexpected reboot. You might face an hour of downtime troubleshooting a bad patch.

But compare that friction to the alternative. The “Mad Liberator” attacker didn’t just break in; they established persistence. Cleaning a compromised firewall often requires a complete factory reset and reconfiguration from scratch, assuming you can even trust the hardware anymore.

We can fix a broken VPN config in twenty minutes. We cannot easily undo the exfiltration of your entire user database. Prioritize the patch, risk the glitch, and keep the AI-assisted scripts out of your CLI.
