A recent report by Sygnia reveals how a lone threat actor used AI in a rapid cyber-attack on cloud infrastructure, completing tasks in 72 hours that typically take weeks. The attacker exploited security gaps in AWS, obtaining access keys and employing AI for actions like searching for secrets, creating backdoors, exfiltrating data, and performing impact actions to demonstrate capabilities.
To mitigate such risks, Sygnia suggests measures such as restricting cloud access, disabling VPNs, and enforcing strict network controls. The findings highlight the challenges posed by agentic AI in lowering the barrier for cybercriminals.