When the phone of an executive at a US law firm rang in April, the voice on the other end was urgent: A computer virus was spreading through the firm.
The caller said they were from IT support and needed physical access to the lawyer’s computer because remote fixes to stop the attack weren’t working. The lawyer told his purported colleague to swing by his desk at the law firm’s office in New Jersey.
The next day, the firm’s receptionist called: The lawyer had a visitor from IT at the front desk.
“That’s when an alarm bell went off: Why would an IT person need to check in with reception?” said Leeann Nicolo, who handles incident response for cybersecurity insurance firm Coalition, which the law firm hired to investigate the incident.
The visitor ran out of the building when the lawyer approached the front desk, according to Nicolo.
It’s one of several incidents at law firms across the country in the last year in which, the FBI and private investigators suspect, the Russian-speaking Silent Ransom Group has hired people in the US to show up in person and plug thumb drives into law firms’ computers. The physical access could help bypass anti-virus protections that the hackers run up against from afar.
The group’s millions of dollars in returns contrast with its modest investments: In a private Telegram channel, the group is offering $500 to people to visit law firms and plug in USB sticks, one cybersecurity professional familiar with the incidents told CNN.
The hired hands are “cannon fodder” for the Russian-speaking cybercriminals — expendable assets in a much larger cybercrime war, the source said. It’s a rare and risky tactic for hackers to undertake because it leaves a trail of evidence, including surveillance footage, that the FBI can pore over.
Cybercriminals “are getting increasingly bold in what they recruit people to do over the internet,” a law enforcement official who tracks the group told CNN.
The goal of these brazen operations is to strengthen the criminals’ hands in multimillion-dollar ransom negotiations by obtaining sensitive data on the law firms’ clients. If the firms don’t pay up, the hackers leak the stolen information.