Silent Ransom Group Is Actively Targeting Law Firms, FBI Issues Heightened Warning

🚨 Law Firms Targeted by Silent Ransom Group in Callback Phishing Campaigns

The FBI warns of a cybercrime ring actively exploiting the legal industry

The FBI’s Internet Crime Complaint Center (IC3) has issued a warning about an active cyber threat targeting U.S.-based law firms. The group, known as Silent Ransom Group (SRG), also tracked as Luna Moth, Chatty Spider, or UNC3753, is using highly convincing IT-themed callback phishing emails and phone calls to gain access to systems and steal sensitive client data.

Once they’re in, they don’t encrypt files like traditional ransomware. Instead, they quietly exfiltrate sensitive information and demand payment, threatening to leak your firm’s data unless you comply.

Why Law Firms Are Being Targeted

Since Spring 2023, SRG has consistently focused on the legal industry due to:

• The confidential nature of client and case data

• Firms often have less mature cybersecurity defenses

• A higher likelihood of paying a ransom to avoid exposure

This isn't random. They're choosing law firms on purpose, and they’re succeeding.

How These Attacks Work

1. A phishing email appears to be from your firm’s IT provider or a familiar software vendor.

2. The message asks the recipient to call a number to resolve a fake issue.

3. On the call, attackers guide the employee to install a remote access tool.

4. They then steal files silently and use them for extortion.

These aren’t sloppy scams. They’re well-scripted, targeted attacks designed to fool even cautious employees.

What You Can Do Right Now

• Educate your staff to spot social engineering and phishing tricks, especially callback phishing.

• Review remote access permissions and limit who can install software.

• Install proactive threat detection tools to flag unusual activity.

• Backup files off-network, and test recovery procedures regularly.

• Conduct a high-level security review to identify risks before attackers do.

How Shield IT Networks Can Help

At Shield IT Networks, we've helped law firms of all sizes defend against today’s most advanced cyber threats, including the tactics now being used by Silent Ransom Group.

As the exclusive cybersecurity partner of CalBar Connect and the California Lawyers Association, we understand the legal industry’s unique risks and compliance pressures.

We equip firms with CyberStack, our enterprise-grade cybersecurity platform that combines proactive threat detection, secure backups, endpoint protection, and more. It’s built to give small and mid-size law firms access to the same level of protection that Fortune 500 companies rely on.

✅ If you're not yet a CalBar Connect subscriber or CLA member, start with a 15-minute call with one of our cybersecurity experts.

✅ If you are a subscriber or member, you may qualify for a complimentary Cybersecurity Vulnerability Assessment (a $8,000+ value).

👉 Schedule Your 15-Minute Call

Don’t wait until your firm becomes a target. Let’s secure your practice before attackers find their way in.