:

FBI WARNS OF IN-PERSON DATA THEFT BY EXTORTION GANG

SECURITY DESK2 MIN READ
WED, MAY 27, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

The FBI has alerted U.S. law firms that the Silent Ransom Group (SRG) is conducting physical break-ins to steal data, marking a shift toward on-site extortion tactics.

The Silent Ransom Group has escalated its criminal operations beyond traditional ransomware attacks, now deploying operatives to physically infiltrate law firm offices and extract sensitive data directly. The gang targets law firms specifically because they typically hold high-value client information, including financial records, intellectual property details, and confidential case files. Once stolen, SRG uses this data as leverage for extortion demands. Attack Pattern According to the FBI warning, SRG operatives gain entry to firm locations and access computer systems on-site. The group then exfiltrates data before disappearing, leaving victims with the threat of public exposure or sale if ransom demands go unmet. This represents a notable tactical shift. Traditional ransomware gangs deploy malware remotely to encrypt systems. SRG's in-person approach reduces detection risk for the initial data theft phase and provides direct access to air-gapped systems or offline storage that remote attacks cannot penetrate. Security Implications The warning underscores that extortion groups are diversifying methods to overcome improving cybersecurity defenses. Physical security gaps become exploitable when digital defenses strengthen. Law firms face particular vulnerability due to the sensitivity of client privileged information and the firms' general reluctance to publicize breaches. Recommended Actions The FBI guidance emphasizes multi-layered security measures: enhanced physical access controls, visitor vetting procedures, employee security awareness training, and endpoint protection systems. Firms should also maintain incident response plans and consider cyber insurance coverage. The warning comes as ransomware and extortion operations continue evolving. Security experts note that hybrid attack strategies—combining physical and digital elements—present acute challenges for defenders, as traditional IT security teams may lack coordination with physical security personnel.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.