Washington: The U.S. Department of Justice has said that two cybersecurity professionals have admitted in court that they worked with a notorious ransomware gang to target American companies and attempt to extort large sums of money. The case has drawn attention because the accused were regarded as trusted figures in the digital-security industry.
According to federal prosecutors, Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, entered guilty pleas in a Miami federal court to a charge of conspiracy to commit extortion. They are scheduled to be sentenced in March and face a statutory maximum of up to 20 years in prison. Martin’s attorney declined to comment, and the public defender representing Goldberg also did not issue any statement.
Inside help for a ransomware operation
Investigators allege the two worked with the ALPHV/BlackCat ransomware operation to help encrypt the networks of several U.S. companies. Once systems were locked, the victims were pressured to pay hefty ransoms in cryptocurrency.
Officials said this was not only a cybercrime case, but also “a breach of trust,” noting that such experts are usually hired to protect organizations — not undermine them.
Companies distance themselves
Martin had previously been associated with DigitalMint. The company said it was aware of his guilty plea and “strongly condemns” the conduct, adding that the actions were taken without the company’s knowledge or authorization and that it fully cooperated with investigators.
Goldberg earlier worked with cybersecurity firm Sygnia. While the company did not respond to recent inquiries, it had previously stated that Goldberg was terminated immediately once the situation came to light, and clarified that Sygnia itself is not a target of the investigation.
Third co-conspirator still unclear
Court filings reference a third co-conspirator, but no details about that person’s identity or current status have been made public. It also remains unclear how direct contact with the ALPHV/BlackCat group was initially established — the same group that appeared to vanish after a major cyberattack on UnitedHealth Group last year.
A warning sign for the industry
Security analysts say the case is a stark warning for the entire cybersecurity sector: when attackers receive help from inside, even the strongest defenses can be compromised. The episode also raises questions about background screening, ethical oversight and trust within security teams. The Justice Department said it would limit further comment until sentencing — but emphasized one message:
“Whether it is cybercrime or insider collusion — no one is above the law.”
