Anyone surprised that cybersecurity professionals are charged with ransomware business?

ComputerWorld.com reported that “Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, delay, or affect commerce through extortion.”  The January 2, 2026 report entitled “US cybersecurity experts plead guilty to attacking US companies with ransomware” (https://www.computerworld.com/article/4112402/us-cybersecurity-experts-plead-guilty-to-attacking-us-companies-with-ransomware.html) included these comments:

They will be sentenced on March 12, 2026, the US Department of Justice announced this week.

Ryan Goldberg and Kevin Martin were charged with using the BlackCat ransomware against multiple victims in the US between April 2023 and December 2023. An unnamed co-conspirator was also listed in the court filings.

They were accused of targeting five companies with the ransomware: a Florida medical device company, a Maryland pharmaceutical company, a doctor’s office in California, an engineering company in California, and a drone manufacturer in Virginia.

BlackCat ransomware, also known as ALPHV, is particularly pernicious as it can exploit cloud copies of data intended to protect against ransomware attacks as a way into the enterprise. Those behind it are among the most dangerous ransomware groups active today.

Good work by the Department of Justice!