UK 
United States
A UK worker has been convicted of imitating a cyber criminal during a ransomware attack to blackmail his employer into sending the ransom money to him instead.
The convicted employee, who worked as an IT Security Analyst at the Oxford-based company, saw a window of opportunity to take advantage of his employer when the business was hit by a genuine ransomware attack from a cyber criminal.
As part of the attack, the cyber criminal demanded the company’s executives make a payment directly to them. But because of his IT-focused role in the business, the worker was a part of the attack’s internal investigation, and was able to access private emails and change the payment address in the message from the cyber criminal to trick his boss into sending him the money instead.
The worker also created an almost identical email address to the original attacker so that he could pressure the employer into making the payment.
Continue reading for FREE!
Sign up for a myGrapevine account to get:
- Unlimited access to News content
- The latest Features, Columns & Opinions
- A full range of specialist HR newsletters to choose from
