Business continuity, Threat Intelligence

Stryker back online after cyberattack

Digital security heart lock with heartbeat graph, representing cybersecurity in healthcare. Futuristic, technology, protection and health concept.

BleepingComputer reports that major U.S. medical device firm Stryker has confirmed resuming full operations three weeks after a cyberattack by Iran-linked hacktivist operation Handala, which led to the wiping of several of its systems.

Handala claimed it stole 50 TB of data then wiped nearly 80,000 devices using a new Global Administrator account created after compromising a Windows domain admin. Stryker announced this week that manufacturing, ordering, and distribution systems are back to pre-attack levels, with production moving rapidly toward peak capacity.

"Overall product supply remains healthy, with strong availability across most product lines," the company stated, while adding that its investigation continues with third-party experts and government agencies. Investigators later found a malicious file that the attackers used to hide activity inside Stryker's network.

Such a development comes after the FBI's seizure of a pair of websites leveraged by Handala, which has previously targeted Israeli organizations with data-wiping malware.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds