Cybercrime Increasingly Accompanied by Threats of Physical Harm
Cybercrime is increasingly accompanied by threats of physical harm, marking a shift in tactics used by cybercriminals. While hackers traditionally focused on infiltrating computer systems covertly, recent years have seen a rise in intimidation and direct threats against staff involved in cyber-attack responses or ransom negotiations.
Rising Incidents and Financial Impact
Cyber-attacks continue to surge globally. In the United States, reported cybercrime incidents increased from 288,012 in 2015 to over one million last year, according to FBI data. The financial losses for US companies and organizations reached $20.8 billion in 2025, up from $16.6 billion the previous year. The United Kingdom also experienced record highs in cyber-attacks during the same period.
Typically, cybercriminals infiltrate company systems to steal sensitive data or lock organizations out, demanding ransom payments for data return or system restoration. However, an increasing number of attackers now escalate their extortion efforts by threatening physical violence against employees.
Threats Against Staff and Escalation of Intimidation
Data from the FBI shows that physical threats related to cybercrime more than doubled in the US last year. Research by security firm Semperis found that in 40% of global ransomware attacks in 2025, criminals threatened to harm staff members who refused to pay ransom demands. In the US, this figure rose to 46%.
Tim Beasley of Semperis described the growing reality of these threats. In one instance, he received a threatening package at his home while negotiating a ransom for a US government organization affected by a cyber-attack. The package contained a note implying physical violence if he did not back off.
Hackers often obtain personal information about employees, including home addresses, to intimidate them. Zac Warren from US security firm Tanium recounted a hospital ransomware case where employees received phone calls from attackers who knew their names, addresses, and social security numbers, creating a strong sense of being watched and targeted.
In some cases, threats are less direct but still dangerous. Attackers have demonstrated control over manufacturing machinery, turning robots and conveyor belts on and off, actions that could cause serious injury or death.
Profiles and Methods of Cybercriminals
Many ransomware groups are state-sponsored, with origins in countries such as Russia, China, Iran, and North Korea. However, most physical threats come from financially motivated groups, often composed of young individuals aged 17 to 25. These hackers frequently hire others to carry out or threaten violence, avoiding direct involvement themselves.
Recruitment for violent acts is sometimes conducted through online message boards or social media, where hackers offer payment for intimidation or attacks. This “violence-as-a-service” model allows less technically skilled criminals to participate by providing physical enforcement.
Violence Linked to Cryptocurrency and Law Enforcement Response
Physical attacks related to cybercrime are notably severe in the cryptocurrency sector. In one case, French police rescued the father of a cryptocurrency millionaire who had been kidnapped and held for ransom, with reports indicating the victim suffered the loss of a finger. Europe, including the UK, saw over 18 such cases last year, with a dramatic increase in cybercrime involving physical violence.
Europol investigates these crimes as part of broader efforts to combat “violence as a service,” where individuals carry out attacks for payment. In the US, the FBI issued an alert about the growing threat from an online-linked criminal network known as “In Real Life Com,” which offers various violent services including vandalism, arson, shootings, and kidnappings.
Adam Meyers, senior VP at cybersecurity firm Crowdstrike, explained that individuals involved in cryptocurrency often attract attention by publicly discussing their wealth and trading activities online, increasing their risk of becoming targets for violent crime.
Outlook on Threats of Physical Harm in Cybercrime
Experts believe that threats of violence linked to cybercrime will continue to rise as victims keep paying ransoms to protect themselves and their families. Tim Beasley noted that the fear of harm, including kidnapping, motivates many to comply with demands, contributing to the persistence of this dangerous trend.
These developments highlight the evolving nature of cybercrime, where digital attacks are increasingly intertwined with real-world threats, posing significant challenges for organizations and individuals alike.
