Iran-Linked Hacker Group Claims Responsibility for Cyberattack on U.S. Medical Device Maker Stryker
Key Takeaways
- ▸Handala Team, an Iran-linked hacker group, conducted a destructive cyberattack on Stryker by compromising Microsoft Intune and remotely wiping employee devices
- ▸This marks a significant escalation from previous Iranian hacking activity, which has primarily focused on espionage and minor website defacements
- ▸The attackers exploited device management features to disrupt operations, affecting employee communications and work capabilities across the company
Summary
An Iran-linked hacker group called Handala Team has claimed responsibility for a significant cyberattack on Stryker, a Michigan-based medical technology company, marking what appears to be the first major cyberattack by Iranian hackers against a U.S. company since the outbreak of conflict between the nations. The attackers reportedly gained access to Stryker's Microsoft Intune management console and remotely wiped employee devices to factory settings, disrupting work communications and operations across the company. The incident represents an escalation from previous Iranian hacking activity, which had largely consisted of minor website alterations and espionage operations rather than destructive attacks. Stryker confirmed the cyberattack caused global network disruption but stated that ransomware was not involved and that the incident appears contained.
- Stryker confirmed the attack caused global network disruption but denied ransomware involvement, indicating the primary intent was disruption rather than financial extortion
