Here’s one I hadn’t seen before. Ashley Liles, a former IT employee, has been sentenced to over three years for attempting to blackmail his employer during a ransomware attack. To deceive the company, he impersonated the ransomware gang extorting them. He tried to redirect the ransomware payments by switching the cybercriminals’ cryptocurrency wallet to one under his control. He used access to internal emails to alter the blackmail email and monitor the board’s actions.
When the company didn’t comply, as they conducted internal investigations, they found the IT employee’s unauthorized access.
Why do we care?
I’m not expecting this to be commonplace… but it brings home the concept of zero trust to consider that the call may be coming from inside the house. This fell quickly into the “tactics you need to be aware of,” although I would acknowledge that a well-designed process should mitigate this risk.

