A former IT security analyst has been jailed for three years and seven months after attempting to extort his employer, according to UK police.
Ashley Liles, 28, of Fleetwood, Letchworth Garden City, was sentenced for blackmail and unauthorized access to a computer with intent to commit other offenses, according to the South East Regional Organised Crime Unit (SEROCU).
The Oxford-headquartered company he worked for suffered a security breach back in February 2018, with a threat actor accessing the firm’s IT systems and sending bosses a ransom email.
Read more on UK ransomware attacks: UK Ransomware Incident Volumes Surge 17% in 2022.
At the time, Liles worked with colleagues and police to investigate the incident. However, he subsequently took the information he learned from that attack to orchestrate a follow-up incident, according to SEROCU.
“He accessed senior board members' emails over 300 times and altered the attacker’s original email address to an almost identical one,” SEROCU claimed.
“From this, he sent another email to the company with his own payment details in the hope that if payment was made, it would be to him rather than the original attacker. He then pressurized the company to pay the money.”
The company continued to refuse payment, and the email hijacking was subsequently discovered and traced back to an IP address at Liles’ home.
Although Liles had wiped data from his devices, when police raided his home they were able to recover critical evidence that led to his arrest.
“This has been a complex and challenging investigation and I am extremely grateful for all the officers and staff that were involved for their commitment and dedication over a five-year period,” said detective inspector Rob Bryant, from the SEROCU Cyber Crime Unit.
“This case demonstrates that the police have the ability and technical skills to investigate cybercrime offenses and bring cyber-criminals to justice.”
The cost of global insider threats surged 34% between 2020 and 2021, while the volume of incidents increased 44%, according to Proofpoint.