- Handala hackers hit Stryker via a compromised Intune admin account
- Tens of thousands of devices wiped, but no data theft confirmed
- Medical products remain safe; order systems offline and manual only
When cybercriminals struck Stryker last week and wiped tens of thousands of digital devices, they did so without using any malware. Instead, they used Intune, Microsoft’s cloud-based endpoint management service, sources are saying.
Last week, a hacking collective calling itself Handala (AKA HAtef, Hamsa) said they broke into Stryker, a Fortune 500 healthcare company with tens of billions in annual sales. They claimed to have stolen 50 terabytes of data and wiped “tens of thousands of systems and servers throughout the company’s network.”
“In this operation, over 200,000 systems, servers, and mobile devices have been wiped, and 50 terabytes of essential data have been extracted,” the attackers allegedly said at the time. “Stryker’s offices in 79 countries have been forced to shut down.”
Abusing Intune
Stryker quickly confirmed the reports with an 8-K filing. A number of employees also confirmed their digital devices were wiped in a single day.
Then, a “source familiar with the attack” told BleepingComputer that Handala managed to compromise an Intune admin account and used it to create a new Global Administrator account. With the master account, they initiated the wipe command, erasing data from almost 80,000 devices in a matter of hours. The investigators have also disputed Handala’s claims of data exfiltration, saying they found no evidence that any data was removed whatsoever.
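The sequence described above, a newly created Global Administrator account followed by a burst of wipe commands, can be expressed as a correlation rule over audit events. The Python below is an added example, not code from the article, Stryker or Microsoft; the event schema, account names, date and thresholds are constructed assumptions, and real Entra ID and Intune audit exports would have to be mapped onto these fields.

```python
from datetime import datetime, timedelta

PRIVILEGED_ROLE = "Global Administrator"

def _ev(minute, actor, action, target, role=None):
    # Builds one constructed event in a simplified, assumed schema.
    t = datetime(2026, 1, 1, 1, 0) + timedelta(minutes=minute)
    return {"time": t.isoformat(), "actor": actor, "action": action,
            "target": target, "role": role}

# Constructed sample: an admin grants the role to a new account, which then
# wipes 40 devices; a helpdesk account wipes three lost devices as normal work.
EVENTS = [_ev(0, "intune-admin", "role_assigned", "new-ga", PRIVILEGED_ROLE)]
EVENTS += [_ev(10 + i, "new-ga", "device_wipe", f"device-{i:03d}") for i in range(40)]
EVENTS += [_ev(m, "helpdesk", "device_wipe", f"lost-{m}") for m in (5, 90, 200)]

def detect_mass_wipe(events, window=timedelta(hours=3), threshold=25):
    """Alert when one actor issues >= threshold wipes inside a sliding window.

    Severity is 'critical' if that actor received the privileged role within
    the same window before its first counted wipe, otherwise 'high'.
    """
    grants, wipes, alerts = {}, {}, {}
    for e in sorted(events, key=lambda e: e["time"]):
        t = datetime.fromisoformat(e["time"])
        if e["action"] == "role_assigned" and e.get("role") == PRIVILEGED_ROLE:
            grants[e["target"]] = (t, e["actor"])  # who was elevated, when, by whom
        elif e["action"] == "device_wipe":
            actor = e["actor"]
            # Keep only this actor's wipes that still fall inside the window.
            recent = [w for w in wipes.get(actor, []) if t - w <= window] + [t]
            wipes[actor] = recent
            if len(recent) >= threshold and actor not in alerts:
                granted = grants.get(actor)
                fresh = (granted is not None
                         and timedelta(0) <= recent[0] - granted[0] <= window)
                alerts[actor] = {
                    "actor": actor,
                    "wipes_in_window": len(recent),
                    "severity": "critical" if fresh else "high",
                    "granted_by": granted[1] if fresh else None,
                }
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_mass_wipe(EVENTS):
        print(alert)
```

Because the alert fires at the threshold rather than after the run completes, a rule like this is most useful when it feeds an automated response such as suspending the actor's session.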
In a subsequent update, Stryker said its medical devices are safe to use, but digital order systems are offline, meaning customers can only place orders manually, through sales representatives.
“All Stryker products throughout our global portfolio, including connected, digital, and life-saving technologies, remain safe to use,” the company said. “This event was contained to Stryker’s internal Microsoft environment, and consequently it didn’t affect any of our products—connected or otherwise.”
Although unconfirmed, reports are saying Handala are “hacktivists linked to Iran’s Ministry of Intelligence and Security”, targeting mostly Israeli organizations around the world.
Via BleepingComputer

