24 May 2023

Infosec analyst pleads guilty to hijacking ransom payment from his employer


Infosec analyst pleads guilty to hijacking ransom payment from his employer

A former IT security analyst at the UK-based gene and cell therapy company Oxford Biomedica has admitted to posing as a ransomware gang to steal ransom payment from his employer.

Ashley Liles, of Fleetwood, Letchworth Garden City, Hertfordshire, pleaded guilty to blackmail and unauthorized access to a computer with intent to commit other offences following an investigation by the South East Regional Organized Crime Unit (SEROCU).

The case dates back to February 2018, when the company was hit by a ransomware attack, with the threat actors demanding a £300,000 ransom in Bitcoin.

According to the police, Liles abused his role as a security analyst at the company to gain unauthorized access to a board member’s email account and change the payment address provided in the original blackmail email to one under his control in the hopes to divert any future payments to himself. Furthermore, Liles also created an almost identical email address to the original attacker and began emailing his employer to pressurize them to pay the money.

His plan fell through when the company’s security team discovered the unauthorized access to the private emails and tracked this access to Liles’ home address.

During a search at Liles’ home the police seized a computer, laptop, phone, and the USB stick.

“Liles had wiped all data from his devices just days before his arrest in order to try to hide his involvement, however the data was recovered and this provided direct evidence of his crimes,” the police said.

Back to the list

Latest Posts

Cyber security week in review: May 26, 2023

Cyber security week in review: May 26, 2023

The world in brief: New ICS malware discovered, hacktivists expose Russian hacker wanted in the US, Pegasus spyware found in Armenia and Azerbaijan, and more.
26 May 2023
Barracuda’s email gateway appliances breached via zero-day bug

Barracuda’s email gateway appliances breached via zero-day bug

The vulnerability resided in a module which initially screens the attachments of incoming emails.
25 May 2023
Chinese hackers target critical infrastructure in the US

Chinese hackers target critical infrastructure in the US

In a separate campaign China-linked hackers spied on the Kenyan government to obtain information on debts owed to Beijing.
25 May 2023