Cyber-attacks are increasingly accompanied by chilling threats of physical violence, a trend underscored by a US security firm employee who received a threatening package at his home. Tim Beasley, working for Semperis, discovered a package containing a note alluding to physical harm if he didn’t cease involvement in ransomware negotiations for a US government organization. This incident highlights a disturbing escalation in cybercriminal tactics, moving beyond digital extortion to direct intimidation and threats against individuals and their families.
Rising Cybercrime and Evolving Threats
Cyber-attacks continue to surge globally, with the US experiencing a record high of over one million reported instances in the past year, according to the FBI. These attacks resulted in an estimated $20.8 billion in financial losses for US companies and organizations in 2025 alone. While the traditional modus operandi of hackers involves infiltrating systems to steal data or lock down operations for ransom, a growing number are now employing physical threats to ensure compliance.
FBI data reveals that the number of physical threats accompanying cyber-attacks more than doubled in the US last year. Further research from Semperis indicates that in 40% of global ransomware attacks in 2025, criminals threatened physical harm to staff if ransom demands were not met. This phenomenon was even more prevalent in the US, where companies faced such threats in 46% of cases.
Personal Data Exploited for Intimidation
A key tactic employed by these cybercriminals involves accessing and exploiting personal data of employees, including their home addresses. Zac Warren, Chief Security Advisor for Europe and the Middle East at Tanium, described a case where hospital employees received phone calls from attackers who revealed personal details, including street addresses and social security numbers. This level of personal information was used to create a profound sense of being watched and intimidated among the clinicians.
In some instances, the threat of physical harm is more indirect but equally dangerous. Attackers have demonstrated control over manufacturing machinery, manipulating robots and conveyor belts in ways that could easily lead to severe injuries or fatalities. This demonstrates a chilling potential for real-world consequences stemming from digital breaches.
Motivations and Perpetrators
While many ransomware gangs are state-sponsored and linked to countries like Russia, China, Iran, and North Korea, most physical threats originate from purely financially motivated groups. These groups often consist of young individuals, with FBI profiles indicating age ranges between 17 and 25 for some hacker collectives. It is common for these cybercriminals to outsource the physical threats or actions to third parties.
Leave a Reply