Former Negotiator Gets 70 Years for Aiding Major Cybercrime Organization
A security professional who worked between hackers and victims received a lengthy prison sentence for collaborating with BlackCat ransomware operators.
Another Security Insider Caught Helping Cybercriminals
Federal courts have handed down a significant prison sentence to Angelo Martino, a professional who previously negotiated between ransomware attackers and their victims. Martino received a 70-month prison term—nearly six years—after admitting he assisted the BlackCat/Alphv ransomware operation. This case marks the third time a US-based cybersecurity worker has been prosecuted for secretly helping dangerous hacking groups carry out attacks and extortion schemes.
The situation represents a troubling pattern: people hired to protect against cyber attacks are instead choosing to help the attackers. Martino's role made his betrayal especially damaging. As someone who negotiated ransom payments on behalf of victims, he had insider knowledge of how companies respond to digital extortion—valuable information for criminals planning their next targets.
What This Means
This case exposes a critical vulnerability in cybersecurity defenses: the human factor. Companies invest millions in firewalls, encryption, and detection software, but they sometimes overlook the trustworthiness of their own employees. When someone with legitimate access decides to help attackers, all those technological barriers become nearly useless.
BlackCat/Alphv represents one of the most sophisticated ransomware operations worldwide. The group typically targets large organizations, locks up their computer systems, and demands millions in payments. Having help from someone who understands negotiation tactics and victim behavior gave them a serious advantage.
The bigger picture: Insiders helping external criminals is not new, but the cybercrime world has made it particularly profitable and attractive to corrupt individuals.
Why You Should Care
If you work in any organization, this case shows that your company's security depends not just on technology, but on the integrity of people around you. A single employee with the wrong motivations can compromise entire networks.
For business leaders, this is a wake-up call about vetting employees and monitoring for suspicious behavior. For everyday workers, it highlights why organizations implement security rules that might seem annoying—they exist partly to catch insider threats.
This also affects you as a customer or patient of any organization. When hackers successfully extort a company, they often sell or publish stolen personal data. That might include your medical records, financial information, or private details. Each successful ransomware attack funded by insiders puts ordinary people at risk.
What You Can Do
- At work: Follow all security policies, even the inconvenient ones. Report suspicious employee behavior through proper channels.
- As a manager: Implement background checks, monitor access to sensitive systems, and create a culture where employees report threats.
- As an individual: Use strong passwords, enable two-factor authentication, and stay alert for phishing attempts—many attacks start with infected emails.
- Support awareness: Understand that cybersecurity is a shared responsibility, not just an IT department problem.
Organizations must recognize that their biggest security risk often walks through the front door every morning.
Want to understand the technology behind this story? ITVedas has beginner-friendly guides on every IT topic.
Explore IT Chapters →