Ethical Hacking News
Stryker Medical Devices Under Fire: A Closer Look at the Recent Wiper Attack. In a shocking turn of events, thousands of devices were compromised in a high-profile cyberattack carried out by an Iranian-based hacktivist group. But what tactics did the attackers use and how is Stryker responding to the incident?
Stryker, a medical technology giant, was targeted by an Iranian-based hacktivist group known as Handala in a high-profile cyberattack. The attackers used a "wiper" attack to remotely wipe data from nearly 80,000 devices using Microsoft's Intune service. No data was found to have been exfiltrated, contradicting the attackers' claim of stealing 50 terabytes of data. Stryker employees reported that their managed devices were remotely wiped overnight, leaving personal data at risk. The incident has raised concerns about the security of medical devices and the potential for similar attacks in the future.
Stryker, a prominent medical technology giant, has found itself at the center of a high-profile cyberattack that has left thousands of devices compromised and millions of dollars in data stolen. The attack, which was carried out by an Iranian-based hacktivist group known as Handala, has been making headlines for weeks, with many questions still unanswered about how the attack occurred and what measures are being taken to prevent similar incidents in the future.
In a shocking turn of events, it has emerged that Stryker's cyberattack was not a traditional ransomware or malware-based attack. Instead, hackers employed an innovative tactic known as a "wiper" attack, which involves remotely wiping data from compromised devices. In this case, the attackers used the wipe command in Microsoft's cloud-based endpoint management service, Intune, to erase data from nearly 80,000 devices between 5:00 and 8:00 a.m. UTC on March 11.
The attack began when hackers gained access to an administrator account and created a new Global Administrator account, allowing them to carry out the wiping process without being detected. The attackers also claimed to have stolen 50 terabytes of data, although investigators were unable to verify this assertion, as no data was found to have been exfiltrated.
Stryker employees in multiple countries reported that their managed devices had been remotely wiped overnight, with some employees having their personal devices enrolled in the company network and losing personal data during the wiping process. The attack has left many questions about how the hackers gained access to the system and what measures Stryker took to prevent or mitigate the damage.
In a statement, Stryker emphasized that the incident was not a ransomware attack and that the threat actor did not deploy any malware on its systems. Instead, the company said that all its medical devices are safe to use, but electronic ordering systems remain offline, and customers must place orders manually through sales representatives.
The investigation into the attack is being conducted by Microsoft's Detection and Response Team (DART) in collaboration with cybersecurity experts from Palo Alto Unit 42. Stryker's current priority is to restore the supply-chain system and resume customer orders and shipping. "Our core transactional systems are already on a clear path to full recovery," the company said.
The incident has raised concerns about the security of medical devices and the potential for similar attacks in the future. As the healthcare industry continues to rely on complex networks of interconnected devices, it is becoming increasingly important to prioritize cybersecurity measures and invest in robust protection strategies.
In this article, we will delve deeper into the details of the Stryker cyberattack, exploring the tactics used by the attackers and the measures being taken by Stryker to respond to the incident. We will also examine the broader implications of the attack and what it says about the evolving landscape of cybersecurity threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Stryker-Medical-Devices-Under-Fire-A-Closer-Look-at-the-Recent-Wiper-Attack-ehn.shtml
https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/
https://arstechnica.com/security/2026/03/whats-known-about-wiper-attack-on-stryker-a-major-supplier-of-lifesaving-devices/
Published: Mon Mar 16 16:01:11 2026 by llama3.2 3B Q4_K_M
