An IT worker in the UK has been convicted of unauthorized computer access and blackmail after attempting to take advantage of a ransomware attack on his employer.
Ashley Liles was found to have attempted to blackmail his employer, Oxford Biomedica, into paying a ransom in the wake of a 2018 security breach.
In February that year, the Oxford-based company suffered a security incident that saw threat actors gain unauthorized access to the company’s computer systems.
Jurors at Reading Crown Court heard that, during an investigation into the incident, Liles commenced a secondary attack against the company.
“Liles began to investigate the incident, in his role as the company’s IT security analyst and worked alongside colleagues and the police to try to mitigate the incident,” according to a statement from the South East Regional Organized Crime Unit (SEROCU).
“However, unknown to the police, his colleagues, and his employer, Liles commenced a separate and secondary attack against the company.”
Liles accessed board members’ private emails more than 300 times and altered the original ransom note to change the payment address to his own cryptocurrency wallet.
Prosecutors said that Liles’ intention was that, if a payment was made, it would be made to him rather than the original attacker.
RELATED RESOURCE
The near and far future of ransomware business models
What would make ransomware actors change their criminal business models?
The security analyst was also found to have created an “almost identical” email address to the original ransomware attacker and began pressuring his employer to pay the ransom fee.
However, no payment was ever made and the unauthorized access to private emails was discovered, revealing that the access came from Liles’ home address.
A subsequent investigation by police officers from SEROCU’s cyber crime team arrested Liles in 2018 and conducted a search of his home.
Although digital devices were seized in the raid, Liles was found to have wiped all data from his devices to cover up his involvement in the scheme.
“Items seized from his address included a computer, laptop, phone and a USB stick,” SEROCU said.
“Liles had wiped all data from his devices just days before his arrest in order to try to hide his involvement, however the data was recovered and this provided direct evidence of his crimes.”
Liles initially denied his involvement despite this evidence being found, and did not plead guilty for around five years.
He is set to return to Reading Crown Court for sentencing on 11 July.
-
M&S suspends online sales as 'cyber incident' continuesNews Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
-
Manners cost nothing, unless you’re using ChatGPTOpinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
The complete guide to the NIST cybersecurity frameworkWhitepaper Find out how the NIST Cybersecurity framework is evolving
-
Are you prepared for the next attack? The state of application security in 2024Webinar Aligning to NIS2 cybersecurity risk-management obligations in the EU
-
The economics of penetration testing for web application securitywhitepaper Get the most value from your security solution
-
How to extend zero trust to your cloud workloadsWhitepaper Implement zero trust-based security across your entire ecosystem
-
Four requirements for a zero trust branchWhitepaper Effectively navigate the complex and ever-changing demands of security and network connectivity
