The U.S. Cybersecurity and Infrastructure Safety Company (CISA) has warned firms to safe methods for managing their fleets of worker gadgets after pro-Iran hackers broke into medical tech large Stryker and mass-wiped hundreds of its telephones, tablets, and computer systems.
The company mentioned on Thursday that it was urging firms to take motion and confirmed it was conscious that hackers used their entry to Stryker’s Home windows-based community to misuse its machine endpoint methods, inflicting ongoing outages to the corporate’s international operations.
Among the many recommendation, CISA mentioned community directors ought to make sure that sure person accounts which have entry to methods like Microsoft Intune, which Stryker makes use of to remotely handle its staff’ gadgets, can solely make delicate or high-impact adjustments (corresponding to wiping gadgets) with a second administrator’s approval.
Stryker, which develops medical gadgets and gear for hospitals, confirmed on March 11 that it had been hacked, saying it was experiencing “international disruption” to its community.
The corporate mentioned the hackers didn’t deploy malware or ransomware, however studies say that the hackers abused their entry to Stryker’s inside methods to entry its Intune dashboards to remotely delete the information saved on tens of hundreds of worker gadgets, together with private telephones and computer systems linked to Stryker’s community.
Stryker has since mentioned it contained the cyberattack and is restoring its methods. Whereas the corporate’s medical gadgets stay operational, Stryker mentioned its provide, ordering, and transport methods stay offline.
Stryker has not given a timeline for its restoration. The corporate didn’t reply to information.killnetswitch’s request for remark.
A bunch of pro-Iran hacktivists, generally known as Handala, took credit score for the cyberattack on Stryker final week, saying it hacked the corporate in retaliation for the U.S. killing of dozens of kids in an air strike on a faculty in Iran. The hackers claimed to have stolen reams of knowledge from the corporate’s community, however didn’t instantly present proof for that declare.
The FBI seized the Handala group’s web site on Wednesday, information.killnetswitch reported.
