The U.S.-based MedTech giant Stryker in an update shared late Thursday night confirmed that its supply chain has been impacted adversely with no timeline in place for a full restoration due to the cyberattack claimed by Iran-linked hacker collective – the Handala group.
While Stryker maintained that the root of the global disruption is an intrusion in its Microsoft environment, it now added that the incident is contained to its “own internal systems” and not spilled over to its customers. “Our connected products are not impacted and are safe to use,” the update said.
Based on reports on several social media platforms, Handala allegedly used data wiper malware in this campaign, in accordance to its regular modus operandi. However, Stryker reiterated that no malware or ransomware was detected on its systems, as of now.
Also read: Who Is Handala — The Iran-Linked Ghost Group That Just Wiped 200K Stryker Devices
Even though Stryker claims negligible impact on its connected products, the MedTech firm admitted disruption to its supply chain.
“This incident has caused disruptions to order processing, manufacturing and shipping,” Stryker said.
This is not the worrying part alone. The fact that there is no definitive timeline that Stryker foresees for its resumption, is. In an 8-K filing to the U.S. SEC, the company said:
“The incident has caused, and is expected to continue to cause, disruptions and limitations of access to certain of the Company’s information systems and business applications supporting aspects of the Company’s operations and corporate functions. While the Company is working diligently to restore affected functions and systems access, the timeline for a full restoration is not yet known.”
The full scope of financial and material impact is yet to be determined too.
Stryker added that although the timeline to get up and running is blurry at this point, it “has business continuity measures in place to continue to support its customers and partners.”
CISA Joins Investigation
While the company responds and conducts its own assessment, CISA said it was following the due process of investigating the incident as well.
“We are working shoulder-to-shoulder with our public- and private‑sector partners as we continue to uncover relevant information and provide technical assistance for the targeted attack on Stryker, while steadfastly standing at the ready to defend our nation’s critical infrastructure,” CISA acting director Nick Andersen told The Cyber Express. “As with all cyber incidents, we have launched an investigation into this matter.”
The Israel Connect of Stryker, The Real Reason?
And while the world calls this an attack on a U.S.-based company – a country that has supported Israel in the ongoing West Asia war – the actual reason could be debated. Why? Because half a decade ago Stryker acquired OrthoSpace, Ltd., a privately held company headquartered in Caesarea, Israel, in an all cash transaction. What does this imply? Not to jump to conclusions, but all the companies with trade and links to Israel may be carrying targets on their back.
Updated March 14, 10:35 AM ET: For adding CISA acting director Nick Andersen’s comments.
