Hackers are turning up to offices and posing as IT support, FBI warns

The FBI has issued an alert about the Silent Ransom Group (SRG), a hacking collective that has begun sending impersonators to U.S. offices under the guise of IT support staff. The tactic involves gaining an employee’s trust before secretly installing malware on company devices to steal sensitive files for later ransom demands. SRG has targeted law firms primarily but warns that medical and insurance sectors may also be at risk due to their highly sensitive data. The FBI notes that the group has shifted from remote cyberattacks to in-person breaches since 2022, exploiting weak physical security measures. After gaining access, SRG exfiltrates data and extorts victims by threatening to sell or leak the information online. The FBI states that the group uses IT-themed social engineering calls to arrange in-person visits, where attackers insert storage devices into computers to steal data. Cybersecurity experts highlight that while AI-powered defenses are advancing—such as Microsoft’s platform using over 100 AI agents to detect vulnerabilities—attackers are also leveraging AI for phishing, voice cloning, and deepfake impersonations. The FBI’s warning suggests some firms lack basic layered security, making them vulnerable to these low-tech but effective physical intrusion methods. Bogdan Botezatu, senior director of threat research at Bitdefender, emphasized that criminals prioritize effective tactics over sophistication, noting that USB-based attacks remain highly successful when combined with weak security protocols.