{"id":198237,"date":"2026-03-22T08:01:00","date_gmt":"2026-03-22T12:01:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/22\/stryker-cyberattack-iran-linked-hackers-wipe-200000-devices-in-global-disruption\/"},"modified":"2026-03-22T12:35:17","modified_gmt":"2026-03-22T16:35:17","slug":"stryker-cyberattack-iran-linked-hackers-wipe-200000-devices-in-global-disruption","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/22\/stryker-cyberattack-iran-linked-hackers-wipe-200000-devices-in-global-disruption\/","title":{"rendered":"Stryker cyberattack: Iran-linked hackers wipe 200,000 devices in global disruption"},"content":{"rendered":"<p><a href=\"https:\/\/mynorthwest.com\/local\/stryker-cyberattack-iran\/4218765\">Stryker cyberattack: Iran-linked hackers wipe 200,000 devices in global disruption<\/a><\/p>\n<p><a href=\"https:\/\/mynorthwest.com\/local\/stryker-cyberattack-iran\/4218765\">https:\/\/mynorthwest.com\/local\/stryker-cyberattack-iran\/4218765<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-22 08:01:00<\/a><\/p>\n<p>Source Domain: <a href=\"mynorthwest.com\">mynorthwest.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>                        An Iran-linked hacking group launched a massive cyberattack on Stryker Corporation, wiping more than 200,000 devices worldwide by exploiting the company\u2019s own system, cybersecurity experts say.<br \/>\nThe March 11 attack, attributed to the hacker group Handala, targeted administrator-level accounts and used them to issue remote wipe commands across Stryker\u2019s global network. The breach impacted devices in 79 countries, including laptops, smartphones, and servers.<br \/>\nExperts said the attackers used a \u201cliving off the land\u201d technique, meaning they leveraged legitimate internal tools instead of deploying malware or ransomware, allowing them to effectively turn Stryker\u2019s systems against itself.<br \/>\n\u201cThis is a five-alarm fire,\u201d Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, told CBS Mornings. \u201cIt\u2019s a wake-up call for every organization.\u201d<br \/>\nGlobal impact of the Stryker cyberattack<br \/>\nThe cyberattack caused widespread disruption to Stryker\u2019s operations, taking internal systems offline and affecting ordering, shipping, and employee workflows worldwide.<br \/>\n\u201cHandala was able to gain access to privileged, important administrator-level accounts within Stryker and then wipe out devices, hundreds of thousands of devices worldwide,\u201d Krebs explained.<br \/>\nEmployees were instructed to disconnect devices immediately, with some reporting their systems were erased in real time.<\/p>\n<p>Handala also claimed it stole 50 terabytes of corporate data before launching the attack, though that has not been independently verified.<br \/>\nInvestigators said the breach likely involved compromised credentials, potentially through phishing or other identity-based attacks, allowing hackers to gain access to high-level administrative controls.<br \/>\n\u201cI think the conditions that created this attack on Stryker were probably independent anyway, in that some misconfiguration or other vulnerability contributed to the ability of Handala to get in.\u201d<br \/>\nMedical devices not impacted<br \/>\nDespite the scale of the attack, Stryker said its connected medical devices, including LIFEPAK defibrillators, Mako surgical systems, and Vocera platforms, were not affected because they operate on separate networks.<br \/>\nHowever, some indirect impacts were reported. In Maryland, paramedics temporarily lost the ability to transmit ECG data to hospitals due to network disruptions tied to the incident.<br \/>\nIran-linked motive and geopolitical context<br \/>\nThere are reports that the group behind the attack claimed it was retaliation for a U.S.-Israeli missile strike in Iran, that reportedly killed more than 100 people.<br \/>\nCybersecurity analysts said the Stryker cyberattack is one of the most significant and destructive cyber incidents targeting a U.S. company amid rising tensions involving Iran.<br \/>\nRecovery and cybersecurity concerns<br \/>\nExperts warn recovery from the Stryker attack could take months and cost millions, as the company works to restore systems and identify vulnerabilities.<br \/>\nKrebs said organizations across the U.S. should treat the incident as a warning.<br \/>\n\u201cEvery organization today, right now, yesterday even, needs to be running a full hands-on deck rehearsal of what happens if they have a similar event,\u201d Krebs said. \u201cMake sure the bad guys cannot easily get in and move throughout the entirety of an organization.\u201d<\/p>\n<p>Local healthcare systems monitoring<br \/>\nHealthcare and higher education sectors, which are often considered higher risk for cyberattacks according to cybercrime experts, are closely watching the situation.<br \/>\nA spokesperson for University of Washington (UW) Medicine said its operations and patient care remain unaffected. Washington State University also reported no impact, while UW has not yet responded to requests for comment.<br \/>\nFollow Luke Duecy on\u00a0X.\u00a0Read more of his stories\u00a0here. Submit news tips\u00a0here.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Stryker cyberattack: Iran-linked hackers wipe 200,000 devices in global disruption https:\/\/mynorthwest.com\/local\/stryker-cyberattack-iran\/4218765 Publish Date: 2026-03-22 08:01:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":198238,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/mynorthwest.com\/wp-content\/uploads\/2026\/03\/Stryker-cyberattack.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,35,32,25,27],"class_list":["post-198237","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-hacker","tag-malware","tag-phishing","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/198237"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=198237"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/198237\/revisions"}],"predecessor-version":[{"id":198239,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/198237\/revisions\/198239"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/198238"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=198237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=198237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=198237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}