Iran-Linked Hackers Launch Major Cyberattack On American Medical Company

[Awwal]

A hacker group believed to be linked to Iran has reportedly carried out a major cyberattack on an American medical technology company. The company affected is Stryker, a large healthcare equipment manufacturer based in Michigan in the United States. This incident appears to be the first significant cyberattack on an American company since tensions and conflict between the two countries began.

Stryker produces a wide range of medical tools, hospital technology, and healthcare equipment used around the world. The company confirmed that the attack disrupted its internal Microsoft-based systems. Specifically, the cyberattack affected the company's Microsoft environment, causing problems with communication and work operations among employees.

According to reports, an Iranian-linked hacker group called Handala Team claimed responsibility for the attack. The group announced its involvement through posts on social media platforms such as Telegram and X (Twitter). These hackers are known for publicly boasting about their cyber operations online, although their accounts are sometimes removed by the platforms.

One employee at Stryker revealed that many company-issued phones suddenly stopped working after the attack. This caused serious disruptions to daily work activities and communication among staff. Experts believe the hackers may have gained access to the company's device management system known as Microsoft Intune, which is used by organizations to manage and control company devices.

Cybersecurity experts say the hackers likely used a feature in Microsoft Intune that allows administrators to remotely erase or reset devices. Once they gained access, the attackers appear to have wiped several employee devices back to factory settings. This type of action can cause major disruption, even if the company's main internal servers are not directly hacked.

In a public statement, Stryker confirmed that the cyberattack caused a global network disruption but said there is no evidence that ransomware or malware was involved. The company also stated that the situation appears to be contained and its core systems were not directly compromised. However, cybersecurity experts continue to monitor the situation as tensions in cyber warfare between Iran and the United States remain a growing global concern.

Source: