A former IT security analyst has been sentenced to three years and seven months in prison for attempting to blackmail his employer, according to British police.
Ashley Lyles, 28, of Fleetwood, Letchworth Garden City, was found guilty of unauthorized computer access with intent to commit extortion and other crimes, according to the Southeastern Regional Organized Crime Control Unit (SEROCU). received.
The Oxford-based company he worked for suffered a security breach in February 2018 when attackers accessed the company’s IT systems and sent ransom emails to his bosses.
UK ransomware attack details: UK ransomware incidents to surge 17% in 2022.
At the time, Lyles was working with colleagues and the police to investigate the incident. But according to SEROCU, he has since used information gleaned from the attack to orchestrate further incidents.
“He accessed the emails of senior directors more than 300 times and changed the original email addresses of the attackers to nearly identical ones,” SEROCU claimed.
“This prompted him to send another email to the company with his payment details in the hope that if the payment was made, it would go to him and not the original attacker. , he pressured the company to pay.”
The company continued to refuse payments until an email hijack was discovered and traced back to Lyles’ home IP address.
Lyles had erased the data from his device, but when police searched his home, they were able to recover key evidence leading to his arrest.
Detective Inspector Rob Bryant of SEROCU’s Cybercrime Unit said, “This is a complex and difficult investigation and we are extremely grateful to all of our officers and employees for their dedication over the past five years.” .
“This case demonstrates the police’s ability and technical skills to investigate cybercrime crimes and bring cybercriminals to justice.”
According to Proofpoint, the cost of global insider threats surged 34% between 2020 and 2021, and incident volume increased 44%.
