IT security analyst admits hijacking cyber attack to pocket ransom payments

From theregister.com

A former IT security analyst at Oxford Biomedica has admitted, five years after the fact, to turning to the dark side – by hijacking a cyber attack against his own company in an attempt to divert any ransom payments to himself.

Ashley Liles, of Letchworth Garden City, Hertfordshire, pleaded guilty at Reading Crown Court to blackmail and unauthorized access to a computer with intent to commit other offences on May 17 following an investigation by the South East Regional Organised Crime Unit (SEROCU).

The case stretches back to February 27, 2018, when the Oxford-based gene and cell therapy company was hit by a “security incident” in which unauthorized access was gained to part of the organization’s computer systems. The parties responsible informed senior execs and demanded a ransom, confirmed by cops to be £300,000 in Bitcoin.

Liles, in his capacity as security analyst for Oxford Biomedica, began to investigate the attack alongside colleagues and the police, but SEROCU’s own probe soon uncovered an ulterior motive.

Read more…