IT Security Company COO Charged with Medical Center Cyberattack

June 14, 2021 - Vikas Singla, chief operating officer of network security company Securolytics, was indicted on June 8th in connection with a 2018 medical center cyberattack Georgia, according to a statement from the US Department of Justice.

Singla, 45, appeared in front of US Magistrate Judge Linda T. Walker and was indicted by a federal grand jury. Singla, of Marietta, GA, was charged with 17 counts of “intentional damage to a protected computer and one count of obtaining information from a protected computer” in connection with the attack on Gwinnett Medical Center in Lawrenceville, according to the statement.

“This cyberattack on a hospital not only could have had disastrous consequences, but patient’s personal information was also compromised,” said Chris Hacker, FBI Atlanta special agent, in the statement. “The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put peoples health and safety at risk while driven by greed.”

The cyberattack entailed disrupting network printer and phone services and obtaining digital information for personal financial gain. According to the indictment, Singla aided and abetted the unauthorized transmission of a program, code, and command on the medical center’s protected computers. The case is still being investigated by the FBI.

“Criminal disruptions of hospital computer networks can have tragic consequences,” said Nicholas L. McQuaid, acting assistant attorney general of the Justice Department’s criminal division, in the statement. “The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our healthcare system.”

Singla’s company was employed by Gwinnett Medical Center, now called Northside Hospital Gwinnett, when the cyberattack was conducted on September 27, 2018. The damage affected at least 10 protected computers and exposed medical diagnosis and treatment records of at least one patient.

“Cyberattacks that target important infrastructure, like healthcare, pose a serious threat to public health and safety,” said Kurt R. Erskine, acting US attorney, in the statement. “In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain.”

The case exposes potential risks that healthcare organizations face in relation to vendors, due to the level of access these vendors have when hired. A recent cyberattack on the University of Florida Health The Villages Regional Hospital and Leesburg Hospital has led to network outages and EHR downtime. In the meantime, patient records are being documented on paper.

Industry leaders are urging the government to help curb ransomware and cyberattacks. The Healthcare and Public Health Sector Coordinating Council recently sent a letter to President Biden asking him to use American Rescue Plan funds to invest in a healthcare cybersecurity partnership.

“In assessing how the American Rescue Plan, coupled with the recently released Executive Order on Improving the Nation's Cybersecurity, can measurably strengthen the security and resiliency of the healthcare system and patient safety, we request an enhanced strategic planning process with the Administration that will complement the ongoing cybersecurity partnership between the HSCC, the Department of Health and Human Services and other essential government partners,” the HSCC letter stated.

Recently, the White House and the Department of Justice announced that it will focus more time and attention on investigating ransomware attacks. In addition, the DOJ recently launched its Ransomware and Digital Extortion Task Force to put more energy and resources into preventing damaging ransomware attacks that are causing destruction across many industries.