US Medical Company Hit With Cyberattack, And This Hacker Group Is Claiming Responsibility
On March 11, a hacker group known as Handala Team claimed responsibility for a cyberattack launched against the U.S. medical tech company Stryker. As reported by NBC News, this attack is seemingly the first significant instance of an Iranian entity hacking an American company since the start of the ongoing war between the two countries.
Stryker is a medical equipment manufacturer headquartered in Portage, Michigan. A statement posted by Stryker on the company's website described the hacking situation as "a global network disruption to our Microsoft environment as a result of a cyber attack." The company explained that there was no indication of ransomware or malware and that the incident seems to be contained. This comes at a time when hackers are using AI to break AI, so the contained nature of this attack is a lucky break for Stryker.
A report from KrebsOnSecurity indicates that the attack may have entailed the use of a service called Microsoft Intune to remotely wipe data from devices connected to the company's Microsoft environment. Microsoft did not respond to requests from NBC News for comments or details about the cyberattack despite the nature of this breach.
Who is the Handala Team hacker group?
Handala is a "hacktivist" group that has been profiled by Palo Alto Networks and confirmed to be linked to Iran's Ministry of Intelligence and Security. The team is known to brag about its exploits on social media and has claimed responsibility for other large-scale hacking operations, such as the compromising of an Israeli energy exploration company and the compromising of fuel systems in Jordan.
The recent hacking by Handala has had a real effect on Stryker and the medtech industry as a whole, with more than 5,000 employees at Stryker's Ireland location being sent home on the day of the attack. The report from KrebsOnSecurity also suggests that a major university medical system in the United States would be unable to order surgical supplies normally sourced through Stryker.
Recently, a Google AI report exposed new cyberattack threats and the possibility that hackers might use AI for adversarial purposes. In the hands of an impassioned group like the Handala Team, AI-powered search algorithms and malware coding could lead to further cyberattacks that are even more harmful than the Stryker breach.