Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned companies to secure systems to manage their fleets of employee devices after pro-Iranian hackers hacked them. Medical technology giant Stryker They collectively wiped thousands of their phones, tablets and computers.
Agency He said on Thursday It was urging companies to take action and confirmed that it was aware that hackers used their access to the Windows-based Stryker network to abuse the devices’ endpoint systems, causing ongoing disruption to the company’s global operations.
Among the tips, CISA said network administrators should ensure that certain user accounts with access to systems like Microsoft Intune, which Stryker uses to manage its employees’ devices remotely, can only make sensitive or high-impact changes (such as wiping devices) with the second administrator’s approval.
Stryker, which develops medical devices and equipment for hospitals, confirmed on March 11 that it had been hacked, saying it was experiencing a “global disruption” in its network.
The company said the hackers did not spread malware or ransomware, however Reports say That the hackers abused their access to Stryker’s internal systems to access its Intune dashboards to remotely delete data stored on tens of thousands of employee devices, including personal phones and computers connected to the Stryker network.
Stryker has since said it contained the cyberattack and is restoring its systems. While the company’s medical devices remain operational, Stryker said its supply, ordering and shipping systems remain offline.
Stryker did not provide a timeline for recovery. The company did not respond to TechCrunch’s request for comment.
A group of pro-Iranian hacktivists, known as Handala, He took credit for the cyberattack on Stryker It said last week that it had hacked the company in retaliation for the US killing of dozens of children in an air strike on a school in Iran. The hackers claimed to have stolen large amounts of data from the company’s network, but did not immediately provide proof of this claim.
The FBI took control of the Handala Group’s website on Wednesday. TechCrunch reported.