28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail his employer during a ransomware attack.
Liles, an IT security analyst at an Oxford-based company, exploited his position to intercept a ransomware payment following an attack suffered by his employer.
To deceive the company, he impersonated the ransomware gang extorting them. He tried to redirect the ransomware payments by switching the cybercriminals’ cryptocurrency wallet to one under his control.
“Unknown to the police, his colleagues, and his employer, Liles commenced a separate and secondary attack against the company,” reads the original press release by the South East Regional Organised Crime Unit (SEROCU).
“He accessed a board member’s private emails over 300 times as well as altering the original blackmail email and changing the payment address provided by the original attacker.”
He also created an email address very similar to the one used by the attackers and used it to put further pressure on his employer to ensure that the ransomware gang’s demands would be met and the ransom would get paid.
However, the company didn’t comply with the attackers’ demands, and internal investigations during that period exposed Liles’ unauthorized access to confidential emails while using the Internet connection at this home.
Although Liles took precautions by erasing all data from his personal devices after becoming aware of the progressing investigations, SEROCU’s cybercrime team seized his computer and successfully recovered incriminating evidence.
At first, Liles adamantly denied involvement, but during a recent court hearing at Reading Crown Court, he ultimately pleaded guilty five years later.
Liles was sentenced to three years and seven months in prison “for blackmail and unauthorised access to a computer with intent to commit other offences.”
According to UK legislation, unlawful computer entry can result in a prison term of up to two years, whereas blackmail is punishable by a maximum sentence of 14 years.
Source: www.bleepingcomputer.com
