Multinational medical device maker Stryker has confirmed a significant cyberattack that has disrupted its Microsoft network environment. The incident, which occurred shortly after US and Israeli airstrikes on Iran, has been claimed by the Handala Hack group, known for its alleged ties to the Iranian government.
Stryker stated that while its critical Lifepak, Lifenet, and Mako medical devices remain operational, there is no timeline for restoring normal day-to-day activities. The company has indicated that ransomware or malware were not involved, and the incident appears contained to its internal Microsoft environment. The exact method of breach remains unknown, but speculation points to the potential use of Microsoft's InTune tool for remote device management to issue data-wiping commands across the Windows network.
Handala Hack, which has been active since at least 2023, claims affiliation with Iran’s Ministry of Intelligence and Security. The group cited recent military actions by the US and Israel as justification for the attack, aiming to demonstrate the capacity for retaliation against Western organizations. Experts suggest such attacks are intended to exert psychological pressure and signal that pro-Iranian forces can inflict material consequences.