A Marietta man who was serving as the chief operating officer at a network security company is facing more than a dozen charges for allegedly conducting a cyberattack against Gwinnett Medical Center in September 2018.
Vikas Singla, 45, was indicted by a federal jury on Tuesday with 17 counts of intentional damage to a protected computer and one count of obtaining information from a protected computer for accessing computers belonging to the hospital system, which has since merged into Northside Hospital’s network, at its campuses in Lawrenceville and Duluth.
“Cyberattacks that target important infrastructure, like healthcare, pose a serious threat to public health and safety,” Acting U.S. Attorney Kurt R. Erskine said. “In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain.”
The majority of the charges that Singla faces stems from allegations that, according to the indictment, he used help from unknown individuals to “knowingly caused and attempted to cause the transmission of a program, information, code and command, and as a result of such conduct, intentionally caused and attempted to cause damage without authorization to a protected computer — that is one or more computers used by Gwinnett Medical Center (in) Duluth and Lawrenceville” that operated printers.
It also alleges attacks on Ascom phone system at Gwinnett Medical’s Duluth campus and illegal access to the Hologic R2 Digitizer at the hospital system’s Lawrenceville campus.
More specifically, officials at the Department of Justice accused Singla of disrupting the hospital’s phone service, disrupting the hospital’s network printer service and obtained information from the digitizing device. Prosecutors allege the attack was, at least in part, committed for financial gain. The indictment states accessing the digitizer also could have given Singla an unspecified “commercial advantage.”
Hologic is a company that produces devices used to detect, diagnose and treat women’s health conditions, although an exact description of what the R2 Digitizer could not be found on the company’s website.
Prosecutors alleged in the indictment that Singla’s actions could have: damaged at least 10 computers; impaired the medical examination, diagnosis, treatment of care of at least one patient; and caused a loss to Gwinnett Medical by affecting computers cumulatively worth at least $5,000.
The Department of Justice did not identify which company Singla worked for in the indictment, but it did say he was the COO for network security company that was based in metro Atlanta and served the healthcare industry.
“This cyberattack on a hospital not only could have had disastrous consequences, but patient’s personal information was also compromised,” FBI Atlanta Special Agent in Charge Chris Hacker said. “The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put peoples health and safety at risk while driven by greed.”
Justice Department Criminal Division Acting Assistant Attorney General Nicholas L. McQuaid added, “Criminal disruptions of hospital computer networks can have tragic consequences. The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our healthcare system.”