Here’s your reminder today of the insider threat, from the South East Organised Regional Crime Unit. This case was previously noted by BleepingComputer.
A 28-year-old man who tried to extort money from the company he worked for has been jailed for three years and seven months.
At Reading Crown Court today (11/7) Ashley Liles, of Fleetwood, Letchworth Garden City, Hertfordshire, was sentenced for blackmail and unauthorised access to a computer with intent to commit other offences.
He pleaded guilty to the offences on 17 May this year.
Five years earlier on 27 February 2018, the Oxford-based company that Liles worked for as an IT Security Analyst suffered a cyber-security incident.
The attacker accessed part of the computer systems and sent an email to senior members of the company, demanding a ransom payment.
Liles, along with other colleagues, worked with police to investigate the incident.
Using the information he learned from this, Liles commenced a secondary attack on the company. He accessed senior board members emails over 300 times and altered the attackers original email address to an almost identical one.
From this, he sent another email to the company with his own payment details in the hope that if payment was made, it would be to him rather than the original attacker. He then pressurised the company to pay the money.
The company refused to make the payment and the unauthorised access to the private emails was discovered. It was later identified that the access had come from Liles home address.
Officers from the South East Regional Organised Crime Unit’s (SEROCU’s) Cyber Crime Unit arrested Liles and searched his property. They seized a computer, laptop, phone and USB stick.
Just days before his arrest, Liles had wiped the data from his devices, however officers were able to recover this information and provide evidence of what he had done.
Detective Inspector Rob Bryant, from the SEROCU Cyber Crime Unit, said: “This has been a complex and challenging investigation and I am extremely grateful for all the officers and staff that were involved for their commitment and dedication over a five year period.
“This case demonstrates that the police have the ability and technical skills to investigate cybercrime offences and bring cyber-criminals to justice.
“I would encourage all victims of cybercrime, whether businesses or individuals, to report to Action Fraud.”
You can also visit the Cyber Protect section of the SEROCU website for more information about how to protect yourself and your business from cyber crime. This includes a number of free sessions that can be delivered to organisations across the South East.
SOURCE: SEROCU