Silent Ransom Group targets law firms using social engineering to impersonate IT support and obtain access to computers. Attacks commonly use phishing emails and phone calls to establish trust and guide employees through remote access. Access may also be gained through legitimate remote access tools or by sending an in-person individual to obtain physical access to a company computer. The group then moves quickly to steal data and conduct extortion without relying on ransomware encryption. SRG has targeted multiple sectors, with U.S. law firms consistently targeted since 2023. The stolen data includes sensitive client records, privileged communications, financial details, and case information, creating risks that extend beyond the victim organization.
"The shift in attack strategy says a lot about where extortion is heading. It's no longer just about breaking in through malware or locking systems with ransomware. The group is leaning into trust by posing as IT support, walking employees through remote access, then moving quickly to steal data before anyone realizes something is wrong."
"These environments hold sensitive client records, privileged communications, financial details, and case information. If that data is stolen, the damage does not stop at the victim organization. Clients can be pressured, legal strategies can be exposed, and employees can become targets for follow-up scams."
"The hardest part is that much of this activity can look normal at first glance. Legitimate tools do not always trigger alarms. Security teams need faster ways to connect unusual behavior across users, devices, clou"
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]