THE Silent Ransom Group (SRG) has intensified its tactics by impersonating IT staff to breach systems, particularly targeting US law firms since 2023. This group employs social engineering techniques, including phone calls and in-person interactions, to gain unauthorized access. Their previous methods involved phishing emails that led to the installation of remote access software.
Currently, they escalate their approach by either calling employees directly or visiting their physical locations to insert devices into computers under the guise of IT assistance. This allows data exfiltration using tools like WinSCP or Rclone, often bypassing traditional antivirus defenses. The FBI has outlined preventive measures for organizations, including enforcing strong passwords, multi-factor authentication, and conducting staff training on phishing identification.