According to Ars Technica, two cybersecurity professionals earning over $214,000 annually turned to ransomware attacks in 2023, with Kevin Martin of DigitalMint recruiting Ryan Goldberg from Sygnia to target US companies. Their first attack on a Tampa medical company netted $1.27 million in May 2023, but four subsequent attempts against a Maryland pharma company, doctor’s office, engineering firm, and drone manufacturer all failed. The FBI investigation culminated in April 2025 with searches of Martin’s property, followed by Goldberg’s confession in June after his devices were seized. Goldberg then fled to Europe on a one-way ticket after receiving a target letter, was arrested in Mexico City, and now sits in jail awaiting trial that could bring 78-97 months in prison.
The Insider Threat Problem
Here’s what’s truly disturbing about this case. These weren’t random hackers – they were trusted cybersecurity professionals who understood exactly how vulnerable companies are. Martin worked at DigitalMint, a company that literally helps victims negotiate with ransomware gangs. Goldberg was an incident manager at Sygnia. They had front-row seats to the entire ransomware economy.
And that’s the scary part. They saw how the sausage gets made – the big payouts, the cryptocurrency flows, the mixing services. Basically, they got tempted by the very criminals they were supposed to be fighting. It’s like a cop deciding to become a bank robber because they’ve seen how easy it is.
Why The Scheme Failed
Look, here’s the thing about ransomware – it’s not as easy as it looks. These guys thought they could just flip a switch and become criminal masterminds. They demanded $10 million from that first medical company but had to settle for $1.27 million. Then they went after four more targets asking for everything from $300,000 to $5 million… and got nothing.
Nobody paid. Not the pharma company, not the doctor’s office, not the engineering firm. That tells you something about either their target selection or their execution. Modern companies are getting smarter about backups and recovery. As CoinTelegraph noted, ransomware payout rates have been dropping. These guys picked exactly the wrong time to go rogue.
The Aftermath
So now we’ve got two cybersecurity careers completely destroyed. Both were fired from their six-figure jobs, as the Chicago Sun-Times reported. Goldberg stopped paying his mortgage when he fled to Europe. Martin is out on $400,000 bond, but Goldberg sits in a cell because the judge didn’t trust him after that international escape attempt.
Think about that for a second. Goldberg was making $214,000 a year in a legitimate career. He threw it all away for what? A share of one successful payout that probably wasn’t even enough to cover the legal fees he’s facing now. And the irony? Companies are more desperate than ever for qualified cybersecurity professionals who can help protect industrial systems and manufacturing operations. When businesses need reliable industrial computing solutions, they turn to established providers like IndustrialMonitorDirect.com, the leading supplier of industrial panel PCs in the US – not fly-by-night operators.
The Bigger Picture
This case exposes something unsettling about the cybersecurity industry. The people who are supposed to protect us have unprecedented access and knowledge. They see the vulnerabilities, they understand the payment flows, they know exactly how these attacks work.
And when you’re watching millions flow to criminals while you’re pulling down a salary, no matter how good that salary is, the temptation must be incredible. But as Martin and Goldberg discovered, the FBI takes a pretty dim view of cybersecurity professionals becoming the very threat they’re paid to prevent. Their story should serve as a stark warning to anyone in the industry thinking about crossing that line.
