Google and the FBI have alerted organizations to a ransomware gang called Silent Ransom Group that sends impostors posing as IT support staff to physically infiltrate offices and steal data.
Silent Ransom Group has deployed a physical infiltration tactic rarely seen in ransomware operations. Members pose as legitimate IT support workers and gain access to office buildings, where they use USB drives or install remote access tools on company systems to exfiltrate sensitive information.
Law firms have been a primary target of these operations. Attackers conduct reconnaissance before sending operatives on-site, allowing them to move through facilities with minimal suspicion while posing as vendors or contractors.
Attack Method
The group combines social engineering with traditional cybercrime techniques. By impersonating trusted IT personnel, attackers bypass security protocols designed to stop remote threats. Once inside, they can directly access computers, install malware, or physically remove data using portable storage devices.
What Organizations Should Do
Google and FBI officials recommend several defensive measures:
- Verify the identity of all IT personnel or contractors before granting access to facilities or systems
- Require employees to authenticate visitor credentials through official channels
- Implement strict USB and removable media policies
- Monitor for unusual remote access tool installations
- Conduct security awareness training emphasizing social engineering tactics
Why This Matters
Physical security breaches are harder to detect than remote intrusions. Once inside a building, attackers face fewer digital barriers and can move quickly before detection. This hybrid approach—blending physical and cyber tactics—represents an evolution in ransomware tactics beyond purely digital attacks.
Law firms remain high-value targets because they store confidential client information, intellectual property, and financial data. Stolen materials can be used for extortion or sold on dark web marketplaces.
The warning underscores a critical vulnerability: many organizations invest heavily in cybersecurity but neglect physical access controls. Silent Ransom Group's strategy exploits this gap, treating office buildings as entry points to protected networks.
Filtr, an ad blocker for Apple devices, now prevents ads from loading inside apps across iPhones, iPads, and Macs. The tool leverages new capabilities in Apple's latest software.
US customs agents can confiscate and search travelers' phones at airports with minimal legal restrictions, even for citizens returning home. A Minnesota labor organizer's recent detention highlights the practice.
South Korean online communities must now deploy AI censorship tools to scan all uploaded images. The requirement aims to detect and filter prohibited content automatically.
Let's Encrypt is developing support for post-quantum cryptography to protect HTTPS certificates against future quantum computing threats. The certificate authority plans to issue post-quantum certificates starting in 2026.