Russian Silent Ransom Group Uses In-Person Tactics to Target US Law Firms

The Silent Ransom Group has been implicated in a series of cyberattacks targeting US law firms, employing operatives to physically access computers and insert USB devices. This tactic aims to bypass remote security measures and enhance ransom negotiations by obtaining sensitive client data. In April, a lawyer at a New Jersey law firm received a call from an alleged IT support member, leading to an in-person visit that raised suspicions. The group reportedly offers $500 for such visits, which have occurred in major cities like New York and Washington, D.C. The FBI has estimated that the group has extorted around $100 million from law firms in the past six months. This method of attack is risky, leaving behind evidence such as surveillance footage. The group has also utilized distractions, such as posing as delivery personnel, to facilitate their operations.

Key Points: • Silent Ransom Group hires individuals to physically insert USB malware into law firm computers. • The group has extorted approximately $100 million from law firms in the last six months. • FBI investigations indicate a growing trend of physical infiltration tactics in cybercrime.