24 May 2023

Infosec analyst pleads guilty to hijacking ransom payment from his employer


A former IT security analyst at the UK-based gene and cell therapy company Oxford Biomedica has admitted to posing as a ransomware gang to steal a ransom payment from his employer.

Ashley Liles, of Fleetwood, Letchworth Garden City, Hertfordshire, pleaded guilty to blackmail and unauthorized access to a computer with intent to commit other offences following an investigation by the South East Regional Organized Crime Unit (SEROCU).

The case dates back to February 2018, when the company was hit by a ransomware attack, with the threat actors demanding a £300,000 ransom in Bitcoin.

According to the police, Liles abused his role as a security analyst at the company to gain unauthorized access to a board member’s email account and change the payment address provided in the original blackmail email to one under his control, in the hope of diverting any future payments to himself. Liles also created an email address almost identical to the original attacker’s and began emailing his employer to pressure them to pay the money.

His plan fell through when the company’s security team discovered the unauthorized access to the private emails and tracked this access to Liles’ home address.

During a search at Liles’ home, the police seized a computer, laptop, phone, and a USB stick.

“Liles had wiped all data from his devices just days before his arrest in order to try to hide his involvement, however the data was recovered and this provided direct evidence of his crimes,” the police said.
