Stryker Down! Iranians Hack the Healthcare Sector Technology Provider


d94fe98e6bbffb1725798b27abbf78735fe1e0544f25b4fa762bbccd910579a6.jpg

Stryker, a major medical equipment provider for the healthcare sector, has suffered a destructive cyberattack that wiped corporate data and severed employee access, likely from an Iranian sponsored hacking group.

Stryker Corporation is a global leader in medical technology, with over $22 billion in sales and 53 thousand employees. The company provides critical healthcare equipment and solutions to hospitals, fire departments, paramedics, and medical facilities worldwide.

Healthcare is a critical infrastructure sector and Stryker is a prominent supplier of life-safety equipment in over 60 countries, impacting more than 150 million patients according to their website.

The attack appears to have been a digital decapitation hack, at the administrator access-level, that wiped internal systems data, including corporate endpoint devices and phones.

It has been reported that the attackers left the logo of Handala, a known Iranian hacktivist proxy group, on Stryker’s internal login and admin pages. Handala has been very active and recently turned loose by Iran’s Islamic Revolutionary Guard Corps (IRGC) and Ministry of Intelligence and Security (MOIS), attacking critical infrastructure sectors with a focus on finance organizations. Today, they branched out to healthcare.

I predicted these kinds of destructive attacks were coming from Iran in a recent post: https://matthewrosenquist.substack.com/p/5-actions-critical-for-cybersecurity

Stryker is in containment and recovery mode. Nation-state destructive attacks can be a whole new level of pain, compared to regular cyberattacks. The eviction and recovery are especially challenging. Given the nature of attack, they must also evaluate their devices and services to understand if they have been compromised. Their equipment can be found in the hands of paramedics, as an essential life-safety tool for emergency care.

Hopefully, we will see Stryker restore services and validate integrity quickly. As a former cyber incident commander of a F100 global tech company, I sincerely empathize with the challenges the response team is facing.

Organization across the healthcare industry, including the supply chain ecosystem, should take note. This incident demonstrates how geopolitical conflicts can impact us all when critical infrastructures are targeted.

More attacks will be coming as Iran re-establishes their communications, media, leadership, and leverages influence with other like-minded allies.

It is time that every healthcare organization take proactive action to validate their cybersecurity, enhance their protection, and verify their operational ability to recover!

As geopolitical tensions continue escalate, we will see more cyber operations by aggressive nations.

How do you rate this article?

8


Matthew Rosenquist
Matthew Rosenquist

Cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security for our digital world.


Cybersecurity Tomorrow
Cybersecurity Tomorrow

Cybersecurity strategy perspectives for the emerging risks and opportunities of securing our digital world. The insights of today will lead to tomorrow's security, privacy, and safety foundations.

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.