Date: 2023-05-03

Last year, more than a dozen Fortinet FortiGate firewalls crashed and failed to reboot properly at a defense industry organization. This was the first sign that intruders had deeply infiltrated the company’s network. The attackers, a lesser-known cyber-espionage hacking team out of China, appeared to have misfired, causing the firewall failure. That was very lucky for the victim organization because, otherwise, it would have been a long time before they detected the attack.

The attackers had hacked into FortiGate firewalls and dropped malware on them, which allowed them to read and write files on the firewall and gave them super-administrator privileges on the firewalls. To remain undetected, the attackers embedded themselves inside the firewalls and on virtual hardware. This is becoming a viable alternative for attackers. Mandia, CEO of Mandiant at Google Cloud, believes that AI technology will be useful for defenders and researchers. Mandiant is currently developing its own AI-based discovery tool.

