IT employee piggybacked on cyberattack for personal gain

2023-05-24 10:34

A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other offences, after pleading guilty during a hearing at Reading Crown Court, England.

The man was employed as an IT Security Analyst when, on February 27, 2018, the company suffered a cyber security incident that resulted in the attacker gaining unauthorized access to part of the company's computer systems.

"The attacker notified senior members of the company and demanded a ransom payment," the South East Regional Organised Crime Unit has shared.

"He accessed a board member's private emails over 300 times as well as altering the original blackmail email and changing the payment address provided by the original attacker. This was in the hope that if payment was made, it would be made to him rather than the original attacker," SEROCU revealed.

Ultimately, the payment was not made, and the unauthorized access to the emails was discovered and traced back to the man's home.

The unlucky company had to contend not only with an external attack, but also an internal one.

News URL

https://www.helpnetsecurity.com/2023/05/24/it-employee-blackmailing-company/

#cyberattack