A British IT worker who exploited a ransomware attack against the company he worked for, in an attempt to extort money from them for himself, has been sentenced to jail for three years and seven months.
As I previously described on the “Smashing Security” podcast, gene and cell therapy firm Oxford Biomedica suffered a ransomware attack in February 2018.
A hacker accessed Oxford Biomedica’s systems and stole information, and senior members of the company received a ransom demand from the hacker.
Nothing unusual about that.
Oxford Biomedica tasked its IT staff to work alongside the police in investigating the attack, determine how it had occurred, and attempt to plug any remaining security holes to prevent future breaches.
Again, so far so normal.
But what was decidedly unusual was that one of its staff assigned to investigate the ransomware attack decided to actually exploit the situation, and trick his employer into giving him the ransom money instead of the real hackers.
Liles accessed the email account of an Oxford Biomedica board member, and altered the original ransom demand to direct that the money should be paid to a Bitcoin wallet under his own control, rather than that of the hackers.
This meant that if the company did eventually decide to pay the ransom, it would end up with Liles rather than the (presumably less than happy) hackers who had initiated the attack.
Liles also created an almost identical email address to that used by the original hacker, and began emailing his employer to pressure them to pay a ransom worth £300,000.
As part of their investigation, specialist officers from the UK’s SEROCU (the South East Regional Organised Crime Unit’s Cyber Crime Unit) identified that someone had been accessing the board member’s email, and then traced the access back to Liles’ home address.
Yup, it seems this particular IT security analyst didn’t properly cover his tracks.
A subsequent search of Liles’s home uncovered computer equipment, a phone, and a USB stick. Despite Liles’s attempts to wipe incriminating data from his devices, digital forensic analysts were able to recover enough evidence to prove his involvement in the extortion.
Ashley Liles of Fleetwood, Letchworth Garden City, Hertfordshire, was sentenced yesterday at Reading Crown Court for blackmail and unauthorised access to a computer with intent to commit other offences.
It’s a pretty remarkable story. Liles wasn’t connected to the initial ransomware attack; it simply happened on his watch. And then – some would say showing competing amounts of initiative and recklessness – he tried to hijack the ransomware attack against his own employer to his own benefit.
What a dumb thing to do.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.