Emma WoollacottTechnology reporter
Getty Images
A few years ago, Tim Beasley opened his front door to discover that a small package had been left on the step.
“I was like ‘what the heck is this?’. I opened the box, and went ‘oh!’, and I immediately threw it away.”
Inside the box was a threatening note, alluding to physical violence if he didn’t back off.
Beasley works for a US security firm called Semperis, and at the time he was involved in ransom negotiations on behalf of a US government organisation that had been hit by a cyber-attack.
The package delivered to his home in the US was a warning from the ransomware group he had been having to talk to.
Cyber-attacks continue to soar around the world. In the US alone, the number of reported instances has increased from 288,012 in 2015 to 1,008,597 last year, a record high, according to new figures from the FBI.
It said that the resulting financial loss for US companies and other organisations totalled $20.8bn (£15.4bn) in 2025. That was up from $16.6bn in 2024.
Meanwhile, cyber-attacks in the UK also hit new highs last year.
Usually in such instances the hackers try to infiltrate a company’s computer system to steal sensitive data, or to take control and lock out the business. The cyber criminals then demand money for the return of the data, or to hand the system back to the firm in question.
But an increasing number of cyber attackers are now going further in their efforts to extort their victims – and threatening actual violence. The number of such physical threats rose more than twofold last year in the US, FBI annual data shows.
Separate research from Semperis found that in as many as 40% of global ransomware attacks in 2025, the criminals threatened to physically harm members of staff who refused to pay a ransom demand.
The phenomenon was said to be even more widespread in the US, where companies experienced physical threats 46% of the time.
“It’s always been here in the background, but it’s becoming more of a reality, slowly inching its way up,” says Beasley.
Tim Beasley
Hackers are threatening staff after accessing their personal data, including their home addresses. That was the case with one hospital ransom negotiation that Zac Warren from US security firm Tanium worked on.
“We started getting reports that employees within the hospital were getting phone calls,” says the chief security advisor for Europe and the Middle East. “So they were calling into the hospital… and asking for nurses by their name, and then talking to them and telling them that they knew where they lived.
“They gave them street addresses, they gave them social security numbers, they did all of these things to make people really feel like they were being watched. They had all this information, so there’s a really strong level of intimidation of the clinicians that was taking place.”
Sometimes, the threat of physical harm is less direct – but no less potentially lethal. In some cases, for example, attackers have been able to take control of manufacturing machinery and demonstrate their control by turning devices such as robots and conveyor belts on and off – actions that could easily lead to injuries or even death.
Many ransomware gangs are state-sponsored, and threats of violence have been seen coming from Russia, China, Iran, and in some cases North Korea.
However, most physical threats tend to come from purely financially-motivated groups. These hackers are often very young. The FBI’s profile of one such group indicated an age range of mostly between 17 and 25.
In many cases such cyber-criminals are said to pay others to threaten the violence, or actually carry it out.
“They themselves [the hackers], in a lot of cases don’t want to get their own hands dirty,” says Beasley. So instead they will post on message boards or social media to “do some recruiting, offer some cash and then people get hit or they get stalked”.
Some of the most severe threats of violence – and actual physical attacks – are to be found in the murky world of cryptocurrency investment. Last May, for example, French police rescued the father of a cryptocurrency millionaire who had been kidnapped and held for ransom in a Paris suburb.
According to media reports the victim had one of his fingers cut off.
AFP via Getty Images
Last year in Europe, including the UK, there were more than 18 such cases, according to one report. The study said there had been a “dramatic increase” in cybercrime involving physical attacks.
Europol, the law enforcement agency of the European Union, investigates such crime as part of its wider efforts to catch the perpetrators of all “violence as a service”, where individuals carry out attacks for a fee.
In the US, the FBI issued an alert last summer, warning about the increased risk of violence from a network of online-linked criminals called “In Real Life Com”.
These criminals, it said, are becoming increasingly aggressive, and happy to offer violence-as-a-service.
“If you are looking for something bad to happen to somebody you can find somebody that’s willing to take that action for you within ‘The Com’,” says Adam Meyers, senior VP for counter adversary operations at cybersecurity software firm Crowdstrike.
“That could be throwing bricks through a window, it could be setting something on fire, it could be a shooting or it could be a kidnapping. Lower technically-sophisticated people will probably gravitate more towards violence-as-a-service because violence is often the only thing they have that they can bring to the party.”
Zac Warren
In the cryptocurrency cases, adds Meyers, the victims have probably drawn attention to themselves by being careless about what they reveal on social media, showing off about their success.
“Cryptocurrency people tend to have discussions about it in a way that you don’t find with people who maybe have gold,” he says. “They’re online talking about trading cryptocurrency and how much money they’ve made, trying to get followers and get attention. As you do that, you’re drawing attention to yourself.”
Beasley says that threats of violence linked to cybercrime will likely only continue to rise “because people keep paying” as a result of it. “They don’t want their kids getting kidnapped.”
He adds: “It does make you want to look behind your back.”
