Cybercrime , Fraud Management & Cybercrime , Healthcare

Security Firm COO Loses Bid to Dismiss Cyberattack Case

Judge Rejects Recommendations to Drop Case in Medical Center Incident
Security Firm COO Loses Bid to Dismiss Cyberattack Case
Prosecutors allege a network security firm's chief operating officer launched a 2018 cyberattack on Gwinnett Medical Center in Georgia.

A Georgia man who is the chief operating officer of a network security firm can't escape criminal charges related to a 2018 cyberattack against a local medical center.

See Also: OnDemand | Why The Healthcare Industry Has The Most Cyberattacks And What Hospitals Can Do About It

A federal judge rejected recommendations by an Atlanta magistrate judge to dismiss a criminal case against Vikas Singla.

Federal prosecutors charged Singla in 2021 with hacking offenses - in an 18-count indictment. They say that Singla conducted a cyberattack in September 2018 that affected two hospitals of Gwinnett Medical Center. The attack allegedly disrupted the medical system's Ascom phone service, obtained information from a Hologic R2 digitizing device, and disrupted a Lexmark printer network, in part for "commercial advantage and private financial gain." Fifteen of the charges against Singla stem from the Lexmark printer disruption (see: Security Firm COO Charged in Attack on Medical Center).

U.S. District Judge Michael Brown on Tuesday rejected the recommendations of a magistrate judge to approve a motion to dismiss the case. Singla's LinkedIn profile identifies him as being the current COO of Atlanta-based Securolytics, a job it says he has held since 2016.

Court documents do not specify the relationship that Singla had with Gwinnett Medical Center. He is described by prosecutors in court papers only as COO of an unnamed network security company that offered services "to the healthcare industry."

Motion Denied

Singla sought to have his indictment dismissed on grounds including an alleged lack of specificity in the charges against him. That includes the alleged "absence of essential facts" in the indictment, necessary for Singla to prepare his defense.

Among the "essential facts" Singla alleged was lacking are the nature of the "transmission" that occurred, the “"program, information, code or command" he allegedly transmitted, and the "damage" his conduct caused to the "protected computers."

While the magistrate judge who reviewed the case recommended Singla's motion to dismiss be granted, Brown disagreed, writing, "Singla has adequate information to defend against the allegations."

That includes details about evidence that was discussed with Singla and his defense attorney in communications during discovery. "The email demonstrates Defendant Singla understood the computers at issue," Brown wrote.

A defense attorney representing Singla in the case did not immediately respond to Information Security Media Group's request for comment on the latest developments in the case and for clarification about Singla's relationship with the medical center.

Singla and his apparent employer, Securolytics, also did immediately respond to ISMG's request for comment.

Northside Hospital System declined ISMG's request for comment on the latest developments in the case against Singla.

Brown referred the case back to the magistrate judge for consideration of any pretrial motions. A status conference for the case is slated for March 14.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.