One week later, the world is still on fire, and what feels like the opening salvo of a new threat surface is emerging: powerful hacks on key targets of the military-industrial complex. This time it’s the people who live within this social military order having their information threatened.
Medical technology giant Stryker is currently engaged in efforts to restore operations following a significant cyberattack attributed to the Iran-aligned hacking group known as Handala. This attack, which occurred on March 11, has reportedly led to the remote wiping of over 200,000 employee devices across the company’s global network, severely disrupting access and operations in 61 countries.
The attack has garnered attention for its scale and sophistication: the attackers used Stryker’s own Microsoft Intune Mobile Device Management (MDM) to facilitate the extensive damage. According to reports, the wiper of choice for the hackers was dubbed “CrowdStrike.bin,” indicating a high level of familiarity with the victim’s environment. As of now, Stryker has confirmed that nearly 80,000 devices have been affected, and recovery efforts are ongoing but complex.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are actively providing support to Stryker in managing the aftermath of the attack, which has prompted concerns about the vulnerability of critical healthcare infrastructure. Although the company reported that patient-related medical devices were unaffected, the disruption has led to delayed surgeries and heightened scrutiny of cybersecurity across the healthcare sector.
Censys, a cybersecurity firm, highlighted the intricate nature of Stryker’s attack surface, noting that nearly 2,000 internet-facing hosts connected to the company were observed. The attack underscores escalating cybersecurity threats facing U.S. companies, particularly within the healthcare industry. With the fallout from this incident likely extending to customers, employees, and shareholders, the economic impacts are expected to be significant.
As Stryker continues its recovery efforts, the focus on strengthening cybersecurity measures is more critical than ever to prevent future incursions by state-sponsored and other malicious actors.

