
"Early in our investigation, we believed there was no indication of ransomware or malware. Further into the course of our investigation, alongside Palo Alto Networks Unit 42 and other experts, we identified that the threat actor used a malicious file to run commands which allowed them to hide their activity while in our systems."
"To be clear, this file was not capable of spreading - either inside or outside of our environment. Most importantly, at no point has our data been compromised."
Stryker reported on a cyberattack attributed to the Iran-linked group Handala, which claimed to have wiped over 200,000 devices. The attack forced Stryker to shut down offices globally. Initial reports suggested the use of wiper malware, but Stryker at first found no evidence of malware or ransomware. The hackers likely exploited Stryker's Microsoft Intune deployment to wipe systems. The incident disrupted order processing and manufacturing, but Stryker has since made progress in restoring systems and has provided technical details about the malicious file used by the attackers.
Read at SecurityWeek