Network security vendor COO accused of medical center cyberattack

By | June 15, 2021

On June 10, the Department of Justice announced that the chief operating officer of an Atlanta-area network security company had been arrested on charges relating to a 2018 cyberattack on a Georgia health system.

Vikas Singla, whose LinkedIn lists him as working for the cloud-based threat detection platform Securolytics, was accused of targeting Gwinnett Medical Center in part for financial gain.  

“This cyberattack on a hospital not only could have had disastrous consequences, but patients’ personal information was also compromised,” said Special Agent in Charge Chris Hacker of the FBI’s Atlanta field office, in a statement.  

“The FBI and our law enforcement partners are determined to hold accountable those who allegedly put people’s health and safety at risk, while driven by greed,” Hacker said.  

WHY IT MATTERS

According to court documents, Singla is accused of attempting to disrupt the phone and network printer service of Gwinnett Medical Center, now known as Northside Hospital after a 2019 merger.   

He is also charged with intentionally attempting to obtain information from a protected computer: the Hologic R2 Digitizer.  

Hologic’s R2 technology is frequently used in connection with mammography.  

The indictment reads that the offense was committed for “purposes of commercial advantage and private financial gain.”  

If completed, court documents say that the incident would have led to the impairment of care for at least one individual.  

Singla is charged with 17 counts of intentional damage to a protected computer, each of which carries a maximum penalty of ten years’ imprisonment, and one count of obtaining information by computer from a protected computer, which carries a maximum penalty of five years’ imprisonment.   

See also  A Concerning Gap in Cybersecurity for Medical Technology

“Cyberattacks that target important infrastructure, like health care, pose a serious threat to public health and safety,” said Acting U.S. Attorney Kurt R. Erskine for the Northern District of Georgia in a statement.   

“In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain,” Erskine added.  

Neither Northside nor Gwinnett are currently listed on Securolytics’ customer page. Requests from Securolytics for comment were not returned.

THE LARGER TREND  

At a time when several high-profile cyberattacks have been linked to powerful nation-states or shadowy multinational groups, it’s vital to remember that privacy and security risks can also arise much closer to home.  

Recently, a data breach potentially compromised the information of about 72,000 residents involved in Pennsylvania’s COVID-19 contact-tracing program. That breach was linked to employees of a third-party vendor that were accused of disregarding security protocols.

ON THE RECORD  

“Criminal disruptions of hospital computer networks can have tragic consequences,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s criminal division in a statement. “The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our healthcare system.”

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.

News from healthcareitnews.com