Particle.news

Feds Urge Intune Lockdowns After Stryker Cyberattack Disrupts Orders and Surgeries

The guidance follows evidence that attackers misused Microsoft Intune administrative powers by logging in with stolen credentials.

Overview

  • CISA issued an alert pointing to the Stryker incident and urged organizations to harden endpoint management, including least‑privilege RBAC, phishing‑resistant MFA, and multi‑admin approval for device wipes and other high‑impact actions.
  • Reports indicate the intruders abused Stryker’s Intune console to send mass wipe commands after compromising an administrator account and creating a new Global Admin, with researchers finding infostealer logs containing Stryker admin credentials.
  • Stryker says the attack is contained with no indication of ransomware or deployed malware, its products remain safe to use, and restoration of affected systems is ongoing.
  • Disruptions to ordering, manufacturing, and shipping have limited delivery of personalized inventory, leading some providers to reschedule patient‑specific surgical cases and to temporarily restrict connectivity to Stryker systems.
  • Federal involvement includes coordination by CISA and the FBI, with the FBI and DOJ seizing websites tied to Handala, which claimed responsibility as Iran‑linked; assertions about the number of wiped devices and data theft remain unverified.