You are currently viewing Two US rusted Cybersecurity Professionals Plead Guilty in Major Ransomware Extortion Case

Two US rusted Cybersecurity Professionals Plead Guilty in Major Ransomware Extortion Case

Two U.S.-based cybersecurity professionals have pleaded guilty in federal court for their roles in spearheading ransomware attacks that extorted multiple victims across the United States, according to the U.S. Department of Justice.

The defendants, Ryan Clifford Goldberg of Georgia and Kevin Tyler Martin of Texas, both formerly employed in respected cybersecurity roles, admitted to conspiring to obstruct, delay, or affect commerce through extortion by deploying the notorious ALPHV/BlackCat ransomware in 2023.

Background & Scope of the Case

Goldberg and Martin — who previously worked as an incident response manager and a ransomware negotiator, respectively — used their professional expertise and trusted access to identify, infiltrate, and compromise corporate networks.

The pair operated as affiliates of the BlackCat ransomware group, paying a portion of ransom proceeds to the malware’s administrators in exchange for access to the ransomware platform.

According to court records, the defendants and a third unnamed co-conspirator targeted numerous U.S. companies, including victims in healthcare, engineering, and technology sectors. In one instance, a Florida medical company paid over $1.2 million in Bitcoin to regain access to encrypted files — funds that were subsequently laundered.

Consequences & Legal Outcomes

Goldberg and Martin have entered guilty pleas to federal charges of conspiracy to commit extortion. They face up to 20 years in prison, and sentencing has been scheduled for March 12, 2026.

In addition to potential incarceration, both defendants are expected to forfeit proceeds derived from the illicit scheme as part of their plea agreements.

Industry Impact & Lessons Learned

This case marks a sobering reminder that insider threats — even from experienced cybersecurity professionals — pose real and evolving risks to organizations. It underscores several key imperatives for businesses and security teams:

  • Vetting & Oversight: Robust background screening and continuous monitoring of personnel with privileged system access is essential.
  • Ethics & Accountability: Strong ethical codes and enforceable professional standards in cybersecurity can deter misuse of skills for illicit ends.
  • Third-Party Risk Management: Organizations must evaluate not only their internal teams but also the trustworthiness of external partners, especially those engaged in incident response and threat mitigation services.

Closing Thought

While ransomware remains a pervasive global threat, cases like this highlight the deep importance of integrity in the cybersecurity profession. Upholding trustworthiness and ethical conduct isn’t just best practice — it’s foundational to protecting businesses, clients, and digital infrastructure.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. Summitsystemsissp assumes no liability for the accuracy or consequences of using this information

Tags: , , , , , , ,