Infosec analyst pleads guilty to hijacking ransom payment from his employer

Infosec analyst pleads guilty to hijacking ransom payment from his employer

A former IT security analyst at the UK-based gene and cell therapy company Oxford Biomedica has admitted to posing as a ransomware gang to steal ransom payment from his employer.

Ashley Liles, of Fleetwood, Letchworth Garden City, Hertfordshire, pleaded guilty to blackmail and unauthorized access to a computer with intent to commit other offences following an investigation by the South East Regional Organized Crime Unit (SEROCU).

The case dates back to February 2018, when the company was hit by a ransomware attack, with the threat actors demanding a £300,000 ransom in Bitcoin.

According to the police, Liles abused his role as a security analyst at the company to gain unauthorized access to a board member’s email account and change the payment address provided in the original blackmail email to one under his control in the hopes to divert any future payments to himself. Furthermore, Liles also created an almost identical email address to the original attacker and began emailing his employer to pressurize them to pay the money.

His plan fell through when the company’s security team discovered the unauthorized access to the private emails and tracked this access to Liles’ home address.

During a search at Liles’ home the police seized a computer, laptop, phone, and the USB stick.

“Liles had wiped all data from his devices just days before his arrest in order to try to hide his involvement, however the data was recovered and this provided direct evidence of his crimes,” the police said.

Back to the list

Latest Posts

Cyber Security Week in Review: May 9, 2025

Cyber Security Week in Review: May 9, 2025

In brief: SAP zero-day exploited by Chinese hackers, SonicWall patches bugs in its SMA appliances, and more.
9 May 2025
Russia-linked Coldriver hackers deploy new espionage malware in targeted attacks

Russia-linked Coldriver hackers deploy new espionage malware in targeted attacks

LOSTKEYS is designed to steal sensitive files, harvest system information, and exfiltrate details about running processes.
8 May 2025
Russia-aligned operation manipulates audio and images to impersonate experts

Russia-aligned operation manipulates audio and images to impersonate experts

The operation primarily focused on undermining NATO support for Ukraine and spreading false narratives to disrupt domestic politics in EU member states.
7 May 2025