{"id":196389,"date":"2026-03-16T12:03:00","date_gmt":"2026-03-16T16:03:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/16\/stryker-attack-raises-concerns-about-role-of-device-management-tool\/"},"modified":"2026-03-16T12:10:13","modified_gmt":"2026-03-16T16:10:13","slug":"stryker-attack-raises-concerns-about-role-of-device-management-tool","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/16\/stryker-attack-raises-concerns-about-role-of-device-management-tool\/","title":{"rendered":"Stryker attack raises concerns about role of device management tool"},"content":{"rendered":"<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/stryker-attack-device-management-microsoft-iran\/814816\/\">Stryker attack raises concerns about role of device management tool<\/a><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/stryker-attack-device-management-microsoft-iran\/814816\/\">https:\/\/www.cybersecuritydive.com\/news\/stryker-attack-device-management-microsoft-iran\/814816\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-16 12:03:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.cybersecuritydive.com\">www.cybersecuritydive.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>A suspected wiper attack against medtech giant Stryker has led much of the security community to examine the role of Microsoft Intune.\u00a0<br \/>\nStryker, a Portage, Mich.-based specialist in surgical equipment, was hacked last week in an attack that affected thousands of mobile devices and other systems.\u00a0<br \/>\nThe company, in a regulatory filing, confirmed the attack impacted its Microsoft environment and warned in a customer update that its electronic ordering systems remain unavailable.\u00a0<br \/>\nAn Iran-linked hacker tracked under the name Handala\u00a0claimed credit for the attack, according to Check Point Research. The hacker claims to have stolen 50 terabytes of data and to have wiped information from thousands of servers and mobile devices in the process.\u00a0<\/p>\n<p>Researchers from Halcyon told Cybersecurity Dive the Stryker attack impacted all phones and workstations with an Intune base 64 string. Intune is normally used to push software or manage devices that are base-64 encoded, according to researchers.<br \/>\nThe payload included remote wipe commands, which were used to delete data on all affected devices, according to Halycon.<br \/>\nIn order to conduct such an attack, a hacker would need to obtain Intune administrator or global administrator privileges, researchers said.\u00a0<br \/>\nPaddy Harrington, a senior analyst at Forrester, said the attack does not point to any inherent weakness in Microsoft Intune, but essentially utilizes living-off-the-land techniques to bypass existing security systems.\u00a0<br \/>\nAttacks using mobile device management platforms are not new and have been used to conduct significant attacks in recent years. Harrington points to a January attack against the European Commission and a 2020 attack against a multinational firm using a Cerberus banking Trojan.\u00a0<br \/>\n\u201cUsing MFA to access MDM\/UEM can reduce the likelihood of a simple account takeover attack. And for destructive functions like wipe actions, Intune and other modern platforms have a multiaccount approval feature that ensures that no one person can make critical changes,\u201d Harrington told Cybersecurity Dive.<br \/>\nResearchers from Palo Alto Networks Unit 42 would not comment on the specifics of the Stryker attack, but cited a March 6 report from Israel\u2019s National Cyber Directorate about destructive wiper attacks targeting servers and workstations at several companies with the goal of deleting data, according to a blog post published Thursday.\u00a0<br \/>\nIn some of those attacks, hackers gained access to credentials or other information from legitimate users and weaponized that to gain initial access to systems, according to Unit 42 blog post.\u00a0<br \/>\nMicrosoft has thus far declined to comment on the incident, but a spokesperson told Cybersecurity Dive it would provide an update if any additional information became available.<br \/>\nStryker has been working with third-party forensic experts to investigate the attack and the Cybersecurity and Infrastructure Security Agency has been investigating the attack as well.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Stryker attack raises concerns about role of device management tool https:\/\/www.cybersecuritydive.com\/news\/stryker-attack-device-management-microsoft-iran\/814816\/ Publish Date: 2026-03-16 12:03:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":196390,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/77cSuYhzgcWYOhoW_IX_ypXJzDT4abw9G9opztCvWTM\/g:nowe:0:0\/c:3000:1694\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9HZXR0eUltYWdlcy0yMTM2MzQxNjc1LmpwZw==.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,35],"class_list":["post-196389","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-hacker"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/196389"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=196389"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/196389\/revisions"}],"predecessor-version":[{"id":196391,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/196389\/revisions\/196391"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/196390"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=196389"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=196389"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=196389"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}