In a shocking revelation, Vikas Singla, the former Chief Operating Officer (COO) of network Cyber Security firm Securolytics, has admitted to hacking two US hospitals with the sinister motive of generating business for the company he worked for.
This alarming breach of trust and ethics unfolded at the Gwinnett Medical Centre’s (GMC) expense, resulting in a staggering financial loss exceeding $817,000. Let’s delve into the details of this cyber crime and its far-reaching consequences.
The Cyber Security Hacking Incident
Singla’s plea agreement sheds light on the extent of his actions, which caused significant disruption to the operations of two Georgia-based hospitals affiliated with GMC. The defendant targeted crucial systems, including printers, phone systems, and the Digitizer, leaving a trail of chaos in his wake.
On September 27th, 2018, Singla disabled several hundred ASCOM phones used by hospital staff, severely impacting daily activities. Simultaneously, he seized sensitive patient information, including names and dates of birth, connected to a mammography machine.
The Cyber Security breach escalated as Singla took control of 200 printers across both hospitals, using them to print stolen patient names along with a chilling “WE OWN YOU” message.
Exploiting the Attack for Publicity
The plea agreement reveals Singla’s attempt to capitalize on the attack by creating publicity. He intended to leverage the unauthorized information obtained from the Digitizer to generate business for Securolytics.
Taking advantage of the situation, he set up a Twitter account a few days later, posting numerous messages claiming that GMC had fallen victim to a cyberattack. To substantiate these claims, Singla shared the stolen patient details. Once the attack concluded, Securolytics seized the opportunity to email potential clients, citing the GMC hack as a cautionary example.
Acknowledging the severe consequences of his actions, Singla has agreed to pay over $817,000 in damages to the affected hospitals.
Despite facing the possibility of up to ten years in prison, the prosecution is inclined to recommend a sentence of 57 months of home detention. This leniency stems from Singla’s diagnosis of an incurable form of cancer, highlighting the complexity of balancing justice with compassion.
The case of Vikas Singla serves as a stark reminder of the ethical responsibilities that come with positions of trust in the Cyber security sector.
The breach not only compromised the security of two hospitals but also underscored the lengths some individuals may go to for personal gain.
As the legal proceedings unfold, the incident prompts a broader reflection on the importance of upholding ethical standards in the ever-evolving landscape of Cyber security.
We hope you’ve enjoyed this blog. Be sure to watch out for our future weekly blog releases and thanks for reading!