Inside Job: Cyber Exec Admits to Hospital Hacks
Healthcare cyber services executive Vikas Singla admits to hobbling hospital operations, then using the incidents to try and gin up extra business.
November 20, 2023
A deeply misguided former executive with a healthcare network security firm has pled guilty to intentionally compromising a Georgia hospital network as a sales strategy.
It didn't work.
A US District Court in Georgia released the filing from the Nov. 16 court proceeding detailing the guilty plea from Vikas Singla, who accepted full responsibility for the cyberattacks against two Gwinnett Medical Center locations in Duluth and Lawrenceville, Georgia.
In September 2018, Singla gained unauthorized access to the GMC phone system and made changes to its operating system, taking down the entire phone system, including those used to make emergency calls inside the hospitals. The filing said more than 200 phones were out of commission as a result of Singla's actions.
Singla admits he also accessed sensitive information on more than 300 patients.
To add a cruel element of fear, Singla also sent a command resulting in more than 200 printers on the GMC network to print the message, "WE OWN YOU."
Following the attack, Singla tried to generate publicity for the compromise through a Twitter account. And in the filing he admitted to soliciting potential clients for security services by citing the GMC breach.
Singla will likely avoid jail time due to a medical issue and his willingness to admit responsibility, according to the DOJ. The guilty plea also includes deportation and restitution payments totaling more than $800,000.
About the Author(s)
You May Also Like
Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024