A single, financially motivated hacker used artificial intelligence to seize control of a company's entire Amazon Web Services (AWS) cloud in roughly 72 hours, moving far faster than the victim could respond, according to investigators at Sygnia.
The incident response firm said the intrusion used no novel malware and no zero-day exploits. Instead the attacker chained together familiar cloud weaknesses, exposed secrets, weak identity controls and overly permissive access, but ran the whole playbook at a speed and scale that pointed to AI doing much of the work.
What happened
The attacker gained an initial foothold through a weakness in an internet-facing application, grabbed an AWS access key, then repeated the same routine every time a new credential turned up: enumerate permissions, harvest more secrets, plant persistence and reach for data. Sygnia traced the activity across application services, AWS resources, source-code repositories, CI/CD pipelines, runtime components and databases.
Rather than encrypt files like traditional ransomware, the actor aimed to gain enough control over the cloud itself to extort the victim, threatening to disrupt, disable or destroy critical services. Investigators found the attacker fired off several hundred unique SQL queries across dozens of databases to hunt for user records and transaction data.
Where AI changed the equation
Sygnia said several artifacts pointed to AI-assisted, or agentic, tooling: attacker-written scripts and structured reports consistent with large language model output, highly parallel activity, and rapid, environment-specific adaptation. In one telling second, the actor used four different access keys belonging to four separate accounts, all from the same source address and user agent, behavior consistent with automated, centrally orchestrated execution. Some attacker artifacts were even labeled "pentest" and "red team," an apparent attempt to disguise the activity as legitimate testing.
"An attack that would have typically taken weeks to execute all happened under 72 hours," said Avi Dayan, Sygnia's vice president of incident response, who warned that accessible large language models and agentic AI can lower the barrier to entry and let less sophisticated attackers operate with unusual speed and scale.
Why it matters
The takeaway is not that AI invented new attacks, every action mapped to long-established adversary behavior, but that it collapsed the time defenders have to react. The gap that decided the outcome was between the pace of the AI-assisted activity and the organization's ability to turn scattered signals into containment. Fragmented visibility, monitoring gaps and the absence of a rehearsed response plan all delayed detection.
It is the same direction of travel we noted when a China-linked group automated most of its attack chain through a jailbroken AI coding assistant: adversaries are now using commercial AI as a force multiplier rather than as a source of exotic new malware.
What you should do
Sygnia's guidance is defense-in-depth built for speed: treat identity as the primary security boundary, eliminate exposed secrets and rotate credentials aggressively when compromise is suspected, enforce least-privilege access across cloud and CI/CD, and keep containment and recovery procedures that can be executed immediately. For broadly compromised environments, rebuilding infrastructure may be faster than surgical cleanup. Defenders can put AI to work too, accelerating triage, log analysis and remediation, but only on top of reliable telemetry and clear ownership.
This briefing is provided by IntelFusions for informational and defensive purposes only. It is based on sources assessed to be reliable at the time of writing, and analytic judgments carry the confidence levels indicated. Indicators of compromise are defanged; re-arm them only in controlled environments. IntelFusions is not affiliated with the organizations named and makes no warranty as to completeness or accuracy.