Thanks to AI, a lone threat actor was able to execute a cyber-attack that would have otherwise taken weeks in just 72 hours, according to a new report by Sygnia.
The Israeli security vendor’s reeport, Inside an AI-Assisted Cloud Attack: Familiar Techniques at Unfamiliar Speed, highlighted how the threat actor relied on AI for speed and scale, rather than researching novel malware or zero-day exploits.
Using tried-and-tested techniques for attacking cloud infrastructure, an AWS environment was compromised with the goal of extortion, the report noted.
Read more on agentic AI threats: Researchers Claim First Fully Agentic Ransomware – JadePuffer
The actor exploited control gaps in secrets management, identity governance, deployment workflows and cloud permissions, according to the report.
They began by obtaining an access key to one of the AWS accounts through weaknesses in an internet-facing application. Then they used AI-assisted or agentic workflows for four concurrent tasks:
- Searching for secrets and credentials to steal across various layers of the AWS environment. These included plaintext secrets stored in S3 buckets, API keys from application databases, secrets stored in AWS Secrets Manager, and parameters stored in AWS Systems Manager Parameter Store
- Creating backdoors and other persistence mechanisms such as creating new access keys and IAM users, establishing reverse shells on EC2 instances and ECS containers, and modifying deployment files
- Exfiltrating data from RDS databases
- Performing “impact actions” to demonstrate capability to the victim organization. These included denying access to S3 buckets, limiting ECS services or containers to a maximum capacity of zero, creating ACL rules to block network access, and purging SQS queues
Crucially, the threat actor also benefitted from the organization’s gaps in visibility, monitoring, identity controls and incident preparedness, the report noted.
Remediation Advice for Network Defenders
Avi Dayan, VP of incident response at Sygnia, said the key takeaway for his team was the speed the threat actor moved post-intrusion and the volume of malicious activity they executed within a short timeframe.
“This case underscores a growing challenge for defenders: as large language models and agentic AI become more accessible, they have the potential to lower the barrier to entry, accelerate attack workflows, and enable less sophisticated or resource-constrained threat actors to operate with unprecedented speed and scale,” he added.
Sygnia recommended the following containment measures:
- Restrict cloud management access through IP allowlisting and only permit access from trusted locations
- Disable remote access VPN connectivity until containment steps are completed
- Restrict outbound internet connectivity for workloads, servers, and cloud resources to approved destinations only
- Apply firewall policies and network access control lists (ACLs) to block communication with known malicious infrastructure and restrict access to accidentally exposed assets
- Enforce IP restrictions on source code repositories and development platforms
- Route all app traffic through web application firewalls (WAFs)
- Implement network segmentation and isolation controls to limit lateral movement
