It’s bad when a firm has problems with computer security – it’s even worse, when these problems are specifically created by the security professional who offers to solve them himself. This was the business model employed by one computer expert in Huesca, a town in the Aragon province of Spain.

Jose Manuel, a 31-year-old IT worker, illegally accessed the servers of one company in Zaragoza, the capital of Aragon, trawling for weaknesses. He would then offer to close down these vulnerabilities in the security system for a reward. However, if he could not find any, he created them himself, using his technological expertise. The company began suspecting that someone was accessing its servers in March this year and complained to the regional police.

The Technological Crimes branch of the Aragon police took charge of the investigation and managed to find the culprit. In the course of the investigation it transpired that Jose Manuel took control of the company’s network and gained access to private data and communications. He also changed passwords and carried out other actions aimed at creating the impression that there were attacks from the outside. In the end he charged the affected company 84.000 Euros in “repair” costs for work he created himself.

After being detained by the Police Jose Manuel admitted his guilt and will now face the courts, while the Tech Crimes branch of the Police continues looking through his computer equipment in case there were other similar attacks.