Two cybersecurity professionals, including a former employee of a Chicago firm that helps resolve ransomware attacks, pleaded guilty last week to hacking a medical device company and extorting a ransom of nearly $1.3 million to unlock its servers.
Kevin Tyler Martin, a ransomware threat negotiator for River North-based DigitalMint at the time of the conspiracy, and Ryan Clifford Goldberg, who worked for the multinational company Sygnia Cybersecurity Services, admitted to carrying out the May 2023 cyberattack last Thursday in federal court in Miami, court records show.
Martin and Goldberg, who partnered with a second DigitalMint employee who wasn’t charged, also formally acknowledged their roles in four other attacks between May and November 2023 that didn’t result in ransom payments, according to court records.
The two defendants, who were indicted in October, pleaded guilty to conspiracy to interfere with commerce by extortion, court records show. They each face up to 20 years in prison, three years of supervised release and a fine of up to $250,000, according to their plea agreements.
Martin’s attorney declined to comment. Goldberg’s public defender didn’t immediately respond to an inquiry.
The attack that led to their convictions generated a hefty cryptocurrency payment, court records show.
In that case, Martin, Goldberg and the unnamed accomplice hacked the medical company, encrypted its servers and demanded $10 million, the records show. The company ultimately paid 44.811 Bitcoin, worth roughly $1.27 million, for a decryption tool and an agreement its data wouldn’t be posted online.
The hackers paid 20% of the crypto to an administrator who provided the ransomware and a “platform to attack and extort victims,” according to court records. The rest went to the co-conspirators, leaving each with Bitcoin valued at about $324,123.26 at the time.
Martin and Goldberg each agreed to forfeit that amount of money, as well as “any property that constitutes or is derived from proceeds traceable to the offense,” according to documents filed by U.S. Magistrate Judge Ellen F. D’Angelo.
Their sentencing dates haven’t been set.