Silent Ransom Group Impersonates IT Staff at Law Firms

A new public service announcement from the FBI details how a criminal collective has spent the last two years perfecting a scheme aimed squarely at U.S. law practices. Posing as company IT personnel, members of the group use phone calls, deceptive emails, and occasional in-person visits to trick employees into handing over remote access. Once connected, the intruders harvest confidential case files and personally identifiable information without encrypting any devices. Their business model centers on extortion: stolen material is offered back for payment or threatened with public exposure. Unlike typical ransomware crews, these operators focus on speed and stealth, moving data out of networks before detection systems can react. The agency’s bulletin emphasizes the importance of caller verification procedures, strict visitor logs, and continuous employee awareness programs. Firms are also advised to restrict remote-desktop privileges to a small, monitored group of administrators and to maintain regularly tested offline backups that cannot be reached by external actors.