The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned companies to secure the systems they use to manage their fleets of employee devices after pro-Iran hackers broke into medical tech giant Stryker and mass-wiped hundreds of its phones, tablets, and computers.
The agency said on Thursday that it was urging companies to take action and confirmed it was aware that hackers used their access to Stryker’s Windows-based network to misuse its device endpoint systems, causing ongoing outages to the company’s international operations.
Among the advice, CISA said network administrators should ensure that certain user accounts that have access to systems like Microsoft Intune, which Stryker uses to remotely manage its employees’ devices, can only make sensitive or high-impact changes (such as wiping devices) with a second administrator’s approval.
Stryker, which develops medical devices and equipment for hospitals, confirmed on March 11 that it had been hacked, saying it was experiencing “international disruption” to its network.
The company said the hackers did not deploy malware or ransomware, but reports say that the hackers abused their access to Stryker’s internal systems to reach its Intune dashboards and remotely delete the data stored on tens of hundreds of employee devices, including personal phones and computers connected to Stryker’s network.
Stryker has since said it contained the cyberattack and is restoring its systems. While the company’s medical devices remain operational, Stryker said its supply, ordering, and shipping systems remain offline.
Stryker has not given a timeline for its recovery. The company did not respond to TechCrunch’s request for comment.
A group of pro-Iran hacktivists, known as Handala, took credit for the cyberattack on Stryker last week, saying it hacked the company in retaliation for the U.S. killing of dozens of children in an air strike on a school in Iran. The hackers claimed to have stolen reams of data from the company’s network, but did not immediately provide evidence for that claim.
The FBI seized the Handala group’s website on Wednesday, TechCrunch reported.
