Stryker Cyberattack - Digital Ordering Systems Still Down
Basically, a cyberattack wiped Stryker's devices, but their hospital tools are still safe.
Stryker's electronic ordering systems remain offline after a cyberattack. Thousands of devices were wiped, but hospital tools are safe for use. The incident highlights cybersecurity risks in healthcare.
What Happened
A cyberattack has severely impacted Stryker, a major medical device company. Electronic ordering systems have been down for over a week, causing significant disruptions. The attack is believed to have wiped thousands of devices clean of all information. This incident has led to factory closures and operational challenges across multiple countries.
Stryker has reassured customers that their connected digital products are safe for use. The company has implemented manual ordering methods to ensure that supplies continue to reach healthcare facilities. They are working diligently to restore their electronic systems, although no timeline has been provided for full recovery.
Who's Affected
The attack has affected Stryker's internal operations, impacting their ability to process orders electronically. Hospitals relying on Stryker's products for surgical procedures and emergency medical equipment are also indirectly affected. However, Stryker has confirmed that their hospital tools, such as connected beds and surgical visualization platforms, remain operational and safe.
The company’s focus is on restoring systems that handle ordering, shipping, and customer support, which are critical for maintaining supply chains in healthcare settings. The disruption has raised concerns among healthcare providers about the reliability of their supply chain during this period.
What Data Was Exposed
While the details of the attack are still unfolding, it is reported that the cyberattack involved the compromise of high-level administrative accounts. This allowed attackers to exploit Microsoft Intune, a device management tool used by Stryker, to wipe devices clean. Cisco Talos, a cybersecurity firm, indicated that this technique, known as living-off-the-land (LOTL), enabled the attackers to cause widespread destruction without traditional malware.
Stryker has stated that no ransomware or malware was involved in this incident. The attackers, identified as the Iranian-aligned group Handala, claimed responsibility, stating their motives were linked to Stryker's contracts with the U.S. Defense Department. The full extent of the data loss and the impact on company operations is still being assessed.
What You Should Do
For healthcare facilities using Stryker products, it is crucial to stay informed about the status of electronic ordering systems. Stryker is coordinating directly with customers to manage orders manually during this downtime. It is advisable for healthcare providers to establish contingency plans for supply chain disruptions.
Additionally, organizations should review their cybersecurity protocols, especially regarding device management systems like Microsoft Intune. Ensuring that administrative access is tightly controlled can help prevent similar incidents in the future. Regular training and awareness programs for employees about cybersecurity threats are also essential to safeguard sensitive information and maintain operational integrity.
The Record