A 28-year-old man has been convicted of blackmail and unauthorised access to a computer with intent to commit other offences following an investigation by the South East Regional Organised Crime Unit (SEROCU). 

Ashley Liles, of Fleetwood, Letchworth Garden City, Hertfordshire, pleaded guilty during a hearing at Reading Crown Court on Wednesday (17/5). 

In February 2018, Liles was employed as an IT Security Analyst at an Oxford-based company. 

On 27 February 2018, the company suffered a cyber security incident which involved unauthorised access to part of the company’s computer systems. The attacker notified senior members of the company and demanded a ransom payment. 

Liles began to investigate the incident, in his role as the company’s IT Security Analyst and worked alongside colleagues and the police to try to mitigate the incident. 

However, unknown to the police, his colleagues and his employer, Liles commenced a separate and secondary attack against the company. He accessed a board member’s private emails over 300 times as well as altering the original blackmail email and changing the payment address provided by the original attacker. This was in the hope that if payment was made, it would be made to him rather than the original attacker. Liles also created an almost identical email address to the original attacker and began emailing his employer to pressurise them to pay the money.  

No payment was made and the unauthorised access to the private emails was noticed. It was identified that this access came from Liles home address. Specialist police officers from SEROCU’s Cyber Crime team arrested Liles and conducted a search of his home address. Items seized from his address included a computer, laptop, phone and a USB stick. Liles had wiped all data from his devices just days before his arrest in order to try to hide his involvement, however the data was recovered and this provided direct evidence of his crimes. 

Liles denied any involvement despite this evidence being found. It was not until five years later that he chose to plead guilty. 

He will return to Reading Crown Court for sentencing on 11 July. 

Detective Inspector Rob Bryant from the SEROCU Cyber Crime Unit said: 

“I would like to thank the company and their employees for their support and cooperation during this investigation. I hope this sends a clear message to anyone considering committing this type of crime. We have a team of cyber experts who will always carry out a thorough investigation to catch those responsible and ensure they are brought to justice.” 

If your company is the victim of a cyber fraud attack, please contact Action Fraud immediately. 

Our Cyber Protect team offer a number of free cyber security support services to organisations in the South East region – Surrey, Sussex, Hampshire or the Thames Valley (Berkshire, Buckinghamshire and Oxfordshire). 

You can find out more about this free service at: https://serocu.police.uk/cyber-protect/