Chief Operating Officer of network security company charged with cyberattack on Gwinnett Medical Center | USAO-NDGA

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

ATLANTA – Vikas Singla has been arraigned on charges arising out of a cyberattack conducted on Gwinnett Medical Center in 2018. Singla was indicted by a federal grand jury on June 8, 2021.

“Cyberattacks that target important infrastructure, like healthcare, pose a serious threat to public health and safety,” said Acting U.S. Attorney Kurt R. Erskine. “In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain.”

“Criminal disruptions of hospital computer networks can have tragic consequences,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our healthcare system.”

“This cyberattack on a hospital not only could have had disastrous consequences, but patient’s personal information was also compromised,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put peoples health and safety at risk while driven by greed.”

According to Acting U.S. Attorney Erskine, the indictment, and other information presented in court: Vikas Singla, the Chief Operating Officer of a metro-Atlanta network security company that served the healthcare industry, allegedly conducted a cyberattack on Gwinnett Medical Center that involved:

  • Disrupting phone service,
  • Obtaining information from a digitizing device, and
  • Disrupting network printer service.

The indictment further alleges that the cyberattack was conducted, in part, for financial gain. 

Vikas Singla, 45, of Marietta, Georgia, made his initial appearance before U.S. Magistrate Judge Linda T. Walker.  Singla was charged with 17 counts of intentional damage to a protected computer and one count of obtaining information from a protected computer. Members of the public are reminded that the indictment only contains charges. The defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a…


Latvian woman charged for alleged role in transnational ransomware scheme targeting 11 countries | Washington Examiner

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

A Latvian national faces federal charges for allegedly participating in a transnational plot using ransomware to steal money and other confidential information from victims, including Americans.

Alla Witte, 55, was arraigned in the U.S. District Court for the Northern District of Ohio on Friday on 19 counts in a 47-count indictment brought against the “Trickbot Group,” named for the Trickbot malware used in the plot, according to the Justice Department.

As part of their cybercrime scheme, Witte and other conspirators, who operated in Russia, Belarus, Ukraine, and Suriname, allegedly began using the malware in November 2015 to steal from individuals, hospitals, schools, public utilities, banks, and governments in the United States, the United Kingdom, Australia, Belgium, Canada, Germany, India, Italy, Mexico, Spain, and Russia.


Witte, who resided in Suriname when the cybercrimes occurred, was a developer for the group and oversaw the creation of computer code used to control the ransomware, obtain payment from victims, and store stolen information, according to court documents.

The group infected millions of computers worldwide, including those belonging to individuals and business entities within the Northern District of Ohio, to harvest credit card information, passwords, social security numbers, and addresses and to steal funds from victims’ bank accounts, the indictment said.

“The Trickbot malware was designed to steal the personal and financial information of millions of people around the world, thereby causing extensive financial harm and inflicting significant damage to critical infrastructure within the United States and abroad,” acting U.S. Attorney Bridget Brennan of the Northern District of Ohio said in a Justice Department news release.

A warrant was issued for Witte on Aug. 13, 2020, and she was arrested Feb. 6 in Miami.

Witte faces one count each of conspiracy to commit computer fraud and aggravated identity theft, conspiracy to commit wire and bank fraud, and conspiracy to commit money laundering, as well as eight counts of bank fraud and eight counts of aggravated…


Latvian national charged with writing malware used by Trickbot hackers

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

Written by Sean Lyngaas

U.S. prosecutors have charged a 55-year-old Latvian national with developing computer code used in tandem with the infamous malicious software known as TrickBot, which has defrauded countless people while infecting tens of millions of computers worldwide.

The defendant, known as Alla Witte, was arraigned in a federal court in Cleveland on Friday after being arrested in Miami in February, the Justice Department said. She is accused of being part of a criminal organization that operated in Russia, Belarus, Ukraine and Suriname, and which infected the computers of hospitals, schools, public utilities and government agencies in the U.S.

Witte wrote “code related to the control, deployment, and payments of ransomware,” the Justice Department said in a press release. She also allegedly provided computer code to other members of the criminal group that tracked users of the TrickBot malware. The malicious code was designed to steal banking login credentials, credit card numbers and other sensitive personal data that can be used for fraud.

Witte is charged with 19 criminal counts, including with conspiracy to commit computer fraud and aggravated identify theft.

TrickBot has been one of the prominent hacking tools for scammers in recent years.

Cybercriminals used the malware to assemble a vast botnet, or army of compromised computers, to infect computers with ransomware. Concerned by the threat of ransomware ahead of the 2020 election, U.S. Cyber Command and tech companies sought to knock some of TrickBot’s infrastructure offline, but the botnet has lived on.

In a statement Friday, Deputy Attorney General Lisa Monaco lauded Witte’s indictment as an example of the “broad reach” of a new Justice Department task force to combat ransomware. After the disruptions of major fuel and meat suppliers, ransomware has vaulted to among the top national security issues facing the Biden administration.

An attorney for Witte could not be immediately reached for comment on Friday. She faces decades in prison if convicted on all charges.

You can read Witte’s full indictment online.


National Digest: Swiss hacker charged with computer intrusion, identity theft in U.S.

Federal prosecutors said Thursday that Kottmann, of Lucerne, Switzerland, was initially charged in September. The range of allegations date back to 2019 and involve the alleged theft of credentials and data and publishing source code and proprietary information from more than 100 entities, including companies and government agencies.

Kottmann has described the most recent leak of camera footage taken from customers of California security-camera provider Verkada as part of a “hacktivist” cause of exposing the dangers of mass surveillance. Kottmann, who uses they/them pronouns, told the Associated Press in an online chat last week that they found the credentials needed to enter the site exposed on the open Internet.

Kottmann didn’t return an online request for comment. Swiss lawyer Marcel Bosonnet said he is representing Kottmann but declined further comment Friday.

Swiss authorities said they had raided Kottmann’s home in Lucerne late last week at the request of U.S. authorities. Prosecutors said the FBI recently seized a website domain that Kottmann used to publish hacked data online.

It’s not clear if U.S. prosecutors will to try to extradite Kottmann, who remains in Lucerne and was notified of the pending charges.

Legislature closes after coronavirus outbreak

The Idaho Legislature voted Friday to shut down for several weeks because of a coronavirus outbreak.

Lawmakers in the state House and Senate moved to recess until April 6 with significant unfinished business, including setting budgets and pushing through a huge income tax cut.

At least six of the 70 House members tested positive for the coronavirus in the last week, and there are fears a variant of it is in the Capitol.

“The House has had several positive tests, so it is probably prudent that the House take a step back for a couple weeks until things calm down and it’s not hot around here for covid,” House Majority Leader Mike Moyle said before the votes.

Five of those who tested positive are Republicans and one is Democrat. Another Republican lawmaker is self-isolating. The chamber has a supermajority of 58 Republicans, most of whom rarely or never wear masks. All of the state’s Democratic lawmakers typically…