UK IT Worker Exploits Ransomware Attack, Tries to Blackmail Employer

An IT security analyst from Fleetwood, Hertfordshire in southern England has been convicted of unauthorized computer access with criminal intent and blackmail after exploiting a ransomware attack at his place of work.

28-year-old Ashley Liles worked as an IT expert at a company in Oxford that was recently targeted by a ransomware attack. As part of his role, Liles was involved in investigating the incident, but rather than mitigating the damage, he devised a scheme to benefit from the situation.

Authorities found that Liles impersonated the unidentified ransomware group behind the attack, attempting to trick his employer into paying the ransom demand to him personally. His elaborate ruse included posing as the hacker group and demanding money to decrypt the company's seized data.

“He accessed a board member’s private emails over 300 times as well as altering the original blackmail email and changing the payment address provided by the original attacker,” said the South East Regional Organised Crime Unit (SEROCU) in an announcement. “This was in the hope that if payment was made, it would be made to him rather than the original attacker. Liles also created an almost identical email address to the original attacker and began emailing his employer to pressurise them to pay the money.”

Liles' plot unraveled when unauthorized access to the private emails pointed to his home IP address. Further investigation into these suspicions led the company to uncover Liles' deceptive plot, triggering an immediate police response.

SEROCU Cyber Crime team officers arrested the suspect and searched his home address, seizing “a computer, laptop, phone and a USB stick.” Although Liles attempted to cover his tracks by wiping all data from his devices before he was arrested, the police managed to recover and use it as direct evidence of his crimes.

Following his conviction, Liles is scheduled for sentencing on July 11. His case highlights the multifaceted nature of cybersecurity threats, showing that they can originate from within an organization and not solely from external, anonymous hackers.

Details of the specific penalties Liles faces are yet to be released. As this case demonstrates, cybersecurity breaches pose a severe threat to businesses and are treated appropriately by the criminal justice system.