Home / Technology / Iran Hackers Wipe Thousands of Stryker Devices
Iran Hackers Wipe Thousands of Stryker Devices
20 Mar
Summary
- Iranian hackers wiped 80,000 Stryker devices in hours.
- Stryker operated on pen and paper after the attack.
- CISA urges enhanced endpoint security for US firms.
A recent cyberattack attributed to Iranian hacktivists has left Stryker in disarray, with nearly 80,000 company devices wiped in just a few hours. The attackers allegedly exploited a compromised Microsoft Intune admin account, leading to a severe operational disruption that forced the company to resort to manual, pen-and-paper methods.
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert to American businesses, warning them of similar targeting of endpoint management systems. CISA is collaborating with the FBI to identify and counter threats posed by the Handala collective, which is believed to be linked to Iran's Ministry of Intelligence and Security.
CISA's recommendations emphasize strengthening defenses through robust configuration of endpoint management tools. Key security measures include enforcing the principle of least privilege for administrative roles, utilizing role-based access control, implementing phishing-resistant multi-factor authentication, and configuring policies that require multi-admin approval for sensitive changes within systems like Microsoft Intune.
