The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

IT Security Company COO Pleads Guilty to Conducting Cyberattack to Win Business

The Chief Operating Officer (COO) of the Atlanta cybersecurity firm Securolytics has pled guilty to one count of intentional damage to a protected computer after masterminding a series of attacks on Gwinnett Medical Center in Georgia in an attempt to win new business.

Vikas Singla was indicted by a federal grand jury on June 8, 2021, for a series of attacks on Gwinnett Medical Center in Duluth and Lawrenceville, GA. The September 2018 attacks disrupted the medical center’s phone and network printer services, involved the theft of data from a Hologic R2 digitizing device, and caused damage to 10 protected computers. According to the indictment, Singla was aided and abetted by other (unnamed) individuals in attacks that were conducted for financial gain and commercial advantage. Singla was charged with 17 counts of causing damage to a protected computer and one count of information theft, and faced a maximum jail term of 10 years for each count of damaging a protected computer and a maximum of 5 years in jail for the data theft count. Singla initially entered a not guilty plea and was released on bond while he awaited trial. An Atlanta magistrate judge recommended dismissing the criminal charges against Singla; however, in March 2023, a federal judge rejected those recommendations. Singla’s attorneys then negotiated a plea deal under which Singla would agree to plead guilty to one count of intentional damage to a protected computer.

Singla admitted to sending a command on September 27, 2018, that resulted in the modification of a configuration template on the ASCOM phone system of the Gwinnett Medical Center campus in Duluth. The command rendered all phones connected to the system at the time of the transmission inoperable, and more than 200 ASCOM handset devices were taken offline. The phone system was used internally by doctors, nurses, and other staff members for communication, including code blue emergencies, and the ASCOM devices were also used for external communications.

Also on September 27, 2023, the protected health information of 300 patients was stolen from a password-protected Hologic R2 digitizing device, including names, dates of birth, and gender. The same day, Singla sent a command to more than 200 network printers, which caused them to print out patient data obtained from the digitizer, along with the message “WE OWN YOU.” The printers were used by the hospitals in connection with patient care.

A few days after the attack, Singla caused a Twitter account to post 43 messages claiming that the Medical Center had suffered a cyberattack, with each of those messages containing the name, date of birth, and sex of a patient obtained from the digitizing device. In the days that followed, Singla attempted to create and use publicity about the attack to generate business for his company and emailed several potential clients offering them the services of Securolytics. The attacks resulted in financial harm of $817,804.12 to Gwinnett Medical Center.

According to Singla’s attorneys, incarcerating him would interfere with medical care for a rare case of terminal cancer and a dangerous vascular condition. Under the plea deal, the Department of Justice will recommend 57 months of probation, which will include home detention, and Singla has agreed to pay restitution of $817,804.12 to the medical center. The plea deal means Singla has given up his right to enter a not guilty plea and have a jury trial. The judge can impose a maximum term of 10 years imprisonment for the count of causing damage to a protected computer, followed by up to 3 years of supervised release. A fine of up to twice the loss can also be imposed, in addition to full restitution.

Singla is due to be sentenced on February 15, 2024.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
