Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices

Medical tech elephantine Stryker said it’s successful the process of restoring its computers and interior web pursuing a cyberattack that reportedly allowed pro-Iranian hackers to remotely hitch tens of thousands of worker devices.

The hack, which brought ongoing wide disruption to the company’s operations, is thought to beryllium the archetypal large cyberattack successful the United States successful effect to the Trump administration’s warfare successful Iran.

Stryker said successful an update implicit the weekend that the March 11 cyberattack was contained to the company’s interior Microsoft environment, and that its internet-connected aesculapian products are “safe to use.”

While the origin of the breach is inactive nether investigation, the aesculapian instrumentality tech shaper said it has seen nary denotation of ransomware oregon malware. Stryker said its quality to process orders, manufacture, oregon vessel devices continues to beryllium disrupted.

A pro-Iran hacking radical called Handala took recognition for the destructive breach, claiming its hack was successful effect to a U.S. aerial onslaught connected an Iranian school that killed astatine slightest 175 people, mostly children. The hackers besides defaced the company’s login pages with its ain logo.

According to Bleeping Computer, the Handala hackers whitethorn person breached successful utilizing an interior Stryker head relationship that granted them near-unlimited access to the company’s Windows network. The hackers allegedly accessed the company’s Microsoft InTune dashboards, which allows the distant absorption of worker laptops and mobile devices, specified arsenic deleting information successful lawsuit an employee’s instrumentality is mislaid oregon stolen.

A palmy compromise of the company’s InTune dashboards would person allowed the hackers to remotely hitch worker phones and laptops, including idiosyncratic devices, without utilizing malware. 

The Wall Street Journal besides reported that the hackers targeted InTune.

A spokesperson for Stryker did not respond to a petition for remark oregon questions astir the breach, including whether the allegedly compromised relationship was protected with multi-factor authentication.

It’s unclear however the hackers obtained their entree to Stryker’s web to statesman with. Security researchers with Palo Alto Networks said the Handala hackers whitethorn person relied connected phishing to compromise Stryker’s network. IBM said the Iran-aligned hacking radical is known for utilizing phishing techniques and destructive attacks, including targeting the healthcare and vigor sectors. Infostealer malware, which tin bargain a person’s passwords and credentials, whitethorn besides beryllium to blame.

Stryker has 56,000 unit astir the satellite and operates successful much than 60 countries, according to Reuters.