Two cybersecurity incident responders have been sentenced to four years in prison for their involvement in covert ransomware attacks. **Ryan Goldberg**, 40, formerly of incident response firm **Sygnia**, and **Kevin Martin**, 36, a ransomware negotiator for **DigitalMint**, each pleaded guilty in December to one count of conspiracy to obstruct commerce by extortion. They were initially facing up to 20 years in prison. ### Inside the Conspiracy Prosecutors revealed that Goldberg and Martin collaborated with **Angelo Martino** to launch **ALPHV/BlackCat** ransomware attacks between April and December 2023. The trio allegedly abused their positions in cyber incident response to extort victims. While the group launched multiple attacks, they only successfully extorted one company, netting $1.2 million from the incident. Assistant Attorney General Andrew Tysen Duva condemned their actions, stating that the men harmed critical service providers and "played hardball with them, going so far as to cause the leak of patient data from a doctor’s office victim.” He emphasized the betrayal of trust, noting that these individuals were "supposed to be cybersecurity specialists who did good and helped businesses and people." ### Global Manhunt **FBI** Assistant Director Brett Leatherman disclosed that the FBI had to track Goldberg across 10 countries after he fled abroad prior to his arrest, highlighting the lengths to which the perpetrators went to evade justice. ### Martino's Role and Impending Sentencing The sentences for Goldberg and Martin come a week after Martino pleaded guilty to the same charge. Martino's role was particularly egregious, as he not only participated in attacks with Goldberg and Martin but also coordinated with ransomware gangs while ostensibly negotiating ransoms on behalf of five victims. Ransomware gangs allegedly paid Martino for confidential information about victim companies, enabling them to maximize ransom demands by knowing the victims' insurance policy limits. Some of the ransoms he negotiated reached as high as $26 million. Law enforcement seized approximately $10 million worth of assets from Martino. Martino is scheduled to be sentenced on July 9 and also faces up to 20 years in prison. ### DigitalMint's Response Following the incident, **DigitalMint** has implemented new security controls, mandating that all negotiations be conducted over auditable, cloud-based platforms. One of the company’s founders will now personally oversee all negotiations. Furthermore, DigitalMint will share its ransom negotiators' information with the **Department of Homeland Security** for oversight.