Two former cybersecurity professionals, Ryan Goldberg and Kevin Martin, have been sentenced to four years in prison each for their involvement in facilitating BlackCat (ALPHV) ransomware attacks. The duo, who leveraged their specialized knowledge to extort businesses, pleaded guilty to conspiracy charges. Their actions highlight a disturbing trend of individuals within the cybersecurity industry exploiting their skills for illicit gain.

Key Takeaways

• Ryan Goldberg and Kevin Martin sentenced to four years in prison.

• Pleaded guilty to conspiracy to obstruct commerce by extortion.

• Conspired with Angelo Martino to deploy BlackCat ransomware.

• Extorted at least one victim for approximately $1.2 million.

• Worked in the cybersecurity industry, possessing skills to protect systems.

The Scheme Unraveled

Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the BlackCat ransomware against multiple victims across the U.S. between April and December 2023. The two defendants, who pleaded guilty in December 2025, conspired with Angelo Martino, 41, of Florida, to carry out these attacks. The group agreed to pay the ALPHV BlackCat administrators a 20% share of any ransoms received in exchange for access to the ransomware and its extortion platform.

Exploiting Expertise for Extortion

Prosecutors emphasized that Goldberg and Martin, despite working in the cybersecurity field, used their expertise not to protect victims but to extort them. They targeted critical systems, stole sensitive data, and pressured American businesses to pay for the return of their information. In one notable case, the defendants successfully extorted a victim for approximately $1.2 million in Bitcoin, splitting their 80% share and laundering the funds to conceal their tracks.

Broader Impact and Co-conspirators

Although the BlackCat ransomware-as-a-service (RaaS) scheme has since been disrupted, it is estimated to have targeted over 1,000 victims globally. Angelo Martino, the third co-conspirator, also pleaded guilty and is awaiting sentencing. Martino reportedly abused his role as a negotiator to extract higher payouts by sharing confidential information about victims' insurance policy limits with BlackCat operators. Goldberg was employed by Sygnia as an incident response manager, while Martin and Martino worked for DigitalMint. Both Sygnia and DigitalMint have stated they terminated the employees upon learning of their alleged criminal activities and are not accused of any wrongdoing.

A Stark Warning

U.S. Attorney Jason A. Reding Quiñones stated, "These defendants exploited specialized cybersecurity knowledge not to protect victims, but to extort them." The sentencing serves as a stark warning to individuals within the cybersecurity sector who might consider using their skills for criminal purposes. The FBI has previously linked the BlackCat ransomware gang to numerous breaches and significant ransom collections.

By staying vigilant and adopting safe browsing practices, users can significantly reduce their exposure to these evolving threats. As cyber threats continue to evolve, your security strategy needs to evolve with them. BetterWorld Technology delivers adaptive cybersecurity solutions designed to keep your business secure while supporting innovation. Connect with us today to schedule a personalized consultation.

Sources

• Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks, The Hacker News.

• Two US Security Experts Sentenced to Prison for Helping Ransomware Gang, SecurityWeek.

• Former incident responders sentenced to 4 years in prison for committing ransomware attacks, CyberScoop.

• US ransomware negotiators get 4 years in prison over BlackCat attacks, BleepingComputer.

• US cybersecurity professionals plead guilty to Blackcat ransomware attacks, TechRadar.