Inside Job: Cyber Exec Admits to Hospital Hacks
Healthcare cyber services executive Vikas Singla admits to hobbling hospital operations, then using the incidents to try and gin up extra business.
November 20, 2023
A deeply misguided former executive with a healthcare network security firm has pled guilty to intentionally compromising a Georgia hospital network as a sales strategy.
It didn't work.
A US District Court in Georgia released the filing from the Nov. 16 court proceeding detailing the guilty plea from Vikas Singla, who accepted full responsibility for the cyberattacks against two Gwinnett Medical Center locations in Duluth and Lawrenceville, Georgia.
In September 2018, Singla gained unauthorized access to the GMC phone system and made changes to its operating system, taking down the entire phone system, including those used to make emergency calls inside the hospitals. The filing said more than 200 phones were out of commission as a result of Singla's actions.
Singla admits he also accessed sensitive information on more than 300 patients.
To add a cruel element of fear, Singla also sent a command resulting in more than 200 printers on the GMC network to print the message, "WE OWN YOU."
Following the attack, Singla tried to generate publicity for the compromise through a Twitter account. And in the filing he admitted to soliciting potential clients for security services by citing the GMC breach.
Singla will likely avoid jail time due to a medical issue and his willingness to admit responsibility, according to the DOJ. The guilty plea also includes deportation and restitution payments totaling more than $800,000.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024