Russian cybercriminals just proved that AI can make bad hackers worse. Over five weeks this year, they used commercial AI tools to compromise more than 600 FortiGate devices across 55 countries.
Amazon's threat intelligence team caught them red-handed between January and February 2026. The attackers weren't exploiting new FortiGate vulnerabilities. They were using AI to get better at the boring bits of hacking.
How did AI make these attacks more effective?
The threat actors used generative AI services to streamline their operations. This wasn't some sophisticated AI breakthrough. These criminals took everyday AI tools and applied them to cybercrime workflow.
What exactly did they compromise?
Over 600 FortiGate devices across 55 countries fell victim. FortiGate devices are Fortinet's flagship firewalls. Getting inside one is like having keys to the castle.
What does this mean for AI and cybersecurity?
This attack marks a turning point. AI tools are now mainstream enough for run-of-the-mill cybercriminals to use effectively. The democratisation of AI means more threat actors can punch above their weight.
Summary
Russian cybercriminals used commercial AI tools to compromise over 600 FortiGate devices across 55 countries in early 2026. This attack shows how mainstream AI is lowering the skill barrier for cybercrime.
