An Iranian-linked hacking group has claimed responsibility for a destructive cyberattack on US-based medical device and services provider Stryker, according to messages posted to the group’s Telegram channel and social media reports.
Stryker shares fell about 3.4 percent after the Wall Street Journal reported that the medical equipment maker was hit by a suspected Iran-linked cyberattack.
The Michigan-based company, with 56,000 employees and operations in 61 countries, is experiencing a global outage across its systems, according to the report.
Staff and contractors have claimed the logo of an Iran-linked hacking group has appeared on the login pages.
Stryker is “experiencing a global network disruption to our Microsoft environment as a result of a cyberattack,” a spokesperson said.
“We have no indication of ransomware or malware and believe the incident is contained.”
The spokesperson did not comment on who may be behind the attack. Calls to the company’s global headquarters in Portage, Michigan were answered with a recording that said the company is “currently experiencing a building emergency.”
Handala, an Iranian-linked hacking persona that has claimed multiple attacks on targets in Israel and around the world, said in a message posted in its Telegram channel that the attack was in response to the attack on the Minab school “and ongoing cyber assaults.”
A girls’ school in Minab, in southern Iran, was hit on the first day of US-Israeli attacks on Iran, killing an estimated 150 students, a figure that Reuters has not independently verified.
The outages began shortly after midnight on the US East Coast, WSJ said, citing people familiar with the matter.
The company’s staff found that remote devices running Microsoft’s Windows operating system, such as cellphones, laptops and others configured to connect to Stryker’s technology systems, had been wiped.
Neither the FBI nor the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency responded to requests for comment.
The logo of Handala, a pro-Palestinian hacking group, appeared on login pages, according to people familiar with the matter and social media posts, the report said.
Handala is an established Iranian-linked hacking persona and has been linked to multiple hack-and-leak operations as well as disruptive attacks, including cases where data was destroyed, Israeli cybersecurity firm Check Point said in a report.
