Pro-Iran hackers claim cyberattack on major US medical device maker

A cyberattack claimed by pro-Iran hackers has caused a “global network disruption” to a major US medical device maker, according to a company statement.

Michigan-based Stryker “is experiencing a global network disruption to our Microsoft environment as a result of a cyberattack,” the company said in a statement to CNN. “We have no indication of ransomware or malware and believe the incident is contained. Our teams are working rapidly to understand the impact of the attack on our systems. Stryker has business continuity measures in place to continue to support our customers and partners.”

Stryker makes a range of hospital equipment, from defibrillators to ambulance cots. The company’s computers in Ireland were also hit by the cyberattack, according to local media reports. Stryker say it serves more than 150 million patients through its health equipment and services.

It was unclear what immediate impacts, if any, the hack had on Stryker’s provision of medical equipment to US hospitals. Cybersecurity executives across the health sector told CNN on Wednesday they were on alert for any impacts.

The cyberattack appears to be one of the first notable pro-Iranian hacks against US infrastructure since the US and Israel began bombing Iran last month. US intelligence officials have warned about the possibility of Tehran-linked hackers retaliating for the US and Israeli bombing of Iran that began last month.

In a social media post on Wednesday, the hacking group that claimed responsibility said the Stryker hack was retaliation for a missile strike on an elementary school in Iran, which Iranian state media has claimed killed at least 168 children. The Pentagon is investigating that incident.

The Wall Street Journal reported earlier on the pro-Iran hack. Stryker’s shares fell more than 3% following that report.

Iran-linked hackers had been largely quiet in terms of attacks on US organizations since the war began last month.

Email security firm Proofpoint said Wednesday that its tracking of known Iranian groups had turned up only one hacking campaign — an attempt to hack a US think tank employee — since the war began.

“Too much of cybersecurity is focused on lower consequence breaches from financially motivated enemies, while we’re increasing our exposures to nation states and other enemies who seek to disrupt and destroy,” Joshua Corman, a cybersecurity expert who has focused on the health sector for years, told CNN. “China, Iran, Russia, etc. all have the means, motive, and opportunity to deal us devastating disruptions.”