"The agency said on Thursday that it was urging companies to take action and confirmed it was aware that hackers used their access to Stryker's Windows-based network to misuse its device endpoint systems, causing ongoing outages to the company's global operations."
"CISA said network administrators should ensure that certain user accounts who have access to systems like Microsoft Intune, which Stryker uses to remotely manage its employees' devices, can only make sensitive or high-impact changes (such as wiping devices) with a second administrator's approval."
"The hackers abused their access to Stryker's internal systems to access its Intune dashboards to remotely delete the data stored on tens of thousands of employee devices, including personal phones and computers connected to Stryker's network."
Pro-Iran hacktivists known as Handala successfully breached medical technology company Stryker's network and used access to its Microsoft Intune device management system to remotely wipe tens of thousands of employee devices, including personal phones and computers. The attack caused global operational disruptions, though medical devices remained functional while supply, ordering, and shipping systems went offline. CISA responded by advising companies to require multi-administrator approval for sensitive changes to endpoint management systems. Stryker confirmed the breach on March 11 and stated no malware or ransomware was deployed, though the hackers allegedly stole company data. The group claimed the attack was retaliation for U.S. military actions in Iran.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]