The FBI has a blunt message for law firms across the United States. Know your IT guy. Because the one at your door might not work for you. Cybercriminals from the Silent Ransom Group, active since 2022, have expanded their playbook. When callback phishing fails to deliver remote access, they dispatch people to walk into offices. These operatives pose as technical support. They claim a need to image a device or create a backup after a supposed phishing incident. Then they insert a USB drive or external hard drive and copy sensitive files. The data taken isn’t for idle curiosity. It becomes ammunition for extortion. The group posts samples on a data leak site and demands payment to prevent full publication. No ransomware encryption. Just theft and threats. And it keeps working. The Physical Turn in a Digital Playbook This isn’t theoretical. The FBI’s latest advisory, released May 27, 2026, reaffirms warnings from a year earlier. Fresh incidents surfaced in spring 2026.…