Indonesian Political, Business & Finance News

Silent Attacks Hit 55 Nations, Indonesia at Risk

| Source: CNBC Translated from Indonesian | Technology
Silent Attacks Hit 55 Nations, Indonesia at Risk
Image: CNBC

The digital realm has become an arena for silent attacks perpetrated by irresponsible actors. Recently, Amazon warned of Russian-speaking hackers exploiting generative AI services as a vehicle for data theft online.

The hackers successfully breached over 600 FortiGate firewalls across 55 countries within five weeks. According to a report from CJ Moses, CISO at Amazon Integrated Security, the attacks occurred between 11 January and 18 February 2026.

The perpetrators, identified as Russian-speaking hackers, did not exploit zero-day vulnerabilities. Instead, they targeted management interfaces exposed to the internet and exploited weak credentials without multi-factor authentication (MFA).

After gaining access, the attackers extracted critical configuration data including SSL-VPN credentials, administrator accounts, and internal network architecture. This data was subsequently analysed using Python and Go-based tools developed with AI assistance.

“After obtaining VPN access to victims’ networks, the threat actors deployed specialised surveillance tools, with various versions written in Go and Python,” Amazon explained, as quoted by Bleaching Computer on Monday, 2 March 2026.

Moses noted that the compromised firewalls were detected in South Asia, Latin America, the Caribbean, West Africa, Northern Europe, and Southeast Asia. This means Indonesia potentially faces risk if security configurations are not tightened.

Beyond firewalls, the perpetrators also targeted Veeam Backup & Replication servers to weaken backup systems ahead of potential advanced attacks such as ransomware. Amazon explained that attackers frequently target backup infrastructure before deploying ransomware to prevent file recovery from backups.

Amazon assessed the attackers’ technical capabilities as low to moderate, but the use of AI made their attacks far more effective and structured. In one instance, the perpetrators fed a victim’s network topology to an AI service to request advanced penetration strategies.

This finding is reinforced by a Google report indicating that the Gemini AI was similarly misused across various stages of cyber attacks.

The report concludes that generative AI has become a force multiplier enabling hackers to scale intrusions more efficiently.

View JSON | Print