An interesting situation occurred in 2018 in the British city of Oxford. A group of extortionists carried out a cyber attack and encrypted the data of a local company. Fearing the loss of important data, the company’s management decided to pay a ransom to the attackers.
Ashley Liles, an IT analyst working for the company at the time, played a key role in ensuring the company’s cybersecurity. He set up a communication channel between the company’s management and the extortionists. However, Liles decided to take advantage of his position and intercepted the ransom meant for the real attackers.
To deceive the company, Liles posed as a member of the cybercrime group and attempted to redirect the payment. He replaced the attackers’ cryptocurrency wallet with his own and sent a fake email with the new details to the company. Additionally, Liles used his access to corporate documents to blackmail his superiors into speeding up the transfer of funds to his account.
However, Liles’ actions only frightened the company’s leadership, who initially intended to transfer the funds. As a result, the company did not comply with the attackers’ demands, and neither Liles nor the real hackers received the ransom. The company launched an independent internal investigation with the assistance of the British police department of Serocu. During the investigation, it was discovered that Liles had repeatedly accessed confidential company data, even from his home address.
Despite taking precautions such as erasing data from his personal devices after learning about the investigation, Liles’ computer was seized by law enforcement officers who successfully restored the necessary evidence.
In a recent court hearing at the Royal Court of Ring, Liles initially denied his involvement but eventually admitted to his actions. Five years had passed since the incident.
According to British legislation, illegal access to a computer can result in a prison sentence of up to two years, while blackmail carries a maximum sentence of 14 years.
Consequently, 28-year-old Liles was sentenced to three years and seven months in prison for unauthorized access to a computer with the intent to commit other crimes.
This story underscores the importance of ethics and honesty in the world of cybersecurity. While Ashley Liles initially worked to ensure the company’s safety, he abused his position for personal gain. Violating laws and exploiting authority is not only unethical but can also have serious consequences.