U.S. cybersecurity experts plead guilty for ransomware attacks, face 20 years in prison each — group demanded up to $10 million from each victim

Two former cybersecurity experts pled guilty to conspiracy to obstruct commerce by extortion and are set to be sentenced up to 20 years in prison each for attacking several U.S. companies with ransomware and holding their data hostage for up to $10 million. BleepingComputer reported that the two offenders were former employees of Sygnia and DigitalMint — cybersecurity incident response firms that help companies that have been affected by ransomware and other cyberattacks.

“These defendants used their sophisticated cybersecurity training and experience to commit ransomware attacks — the very type of crime that they should have been working to stop,” Assistant Attorney General A. Tysen Duva said in a statement. “Extortion via the internet victimizes innocent citizens every bit as much as taking money directly out of their pockets. The Department of Justice is committed to using all tools available to identify and arrest perpetrators of ransomware attacks wherever we have jurisdiction.”

Ryan Clifford Goldberg, 40, of Watkinsville, Georgia, was a Sygnia incident response manager, while Kevin Tyler Martin, 36, of Roanoke, Texas, was a ransomware threat negotiator for DigitalMint. Another unnamed co-conspirator had the same position as Martin at DigitalMint, but they haven't been identified yet. According to the Justice Department, the three people tapped the ALPHV BlackCat ransomware-as-a-service for their activities, paying its administrators a 20% cut of their proceeds.

The three conspirators attacked several U.S. companies across different states, including those based in Maryland, California, Florida, and Virginia. Of all the victims, court records show that only a Florida-based medical device maker paid a ransom of $1.27 million — a fraction of the $10 million the group demanded from the company. After paying BlackCat’s 20% cut, the group split the remainder three ways and laundered the Bitcoin through different channels.

Neither the DOJ nor the United States Southern District Court of Florida mentioned how the two were caught, so we don’t know what led to their arrest — nevertheless, Goldberg has been in federal custody since September 2023. The FBI Miami Field Office was the main agency behind this investigation, and has been assisted by the U.S. Secret Service. Aside from their arrest, indictment, and sentencing, the Southern District of Florida is also handling the asset forfeiture case, meaning the perpetrators will likely yield the proceeds of their crime to the victims or the state.

Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.