Iran-backed hackers claim wiper attack on medtech firm Stryker(krebsonsecurity.com) |
Iran-backed hackers claim wiper attack on medtech firm Stryker(krebsonsecurity.com) |
I belive that US tech firms have increasingly become valid military targets. There was a post about this yesterday [1]. BUT I don't think that extends to hospitals and medical supplies, regardless of who owns them or if they treat soldiers or not.
But, as best as I can tell, the company has been inconvenienced, possibly massively. Let's put this in context. The US launched a Tomahawk missile at a school and killed 160 school girls.
And I bet that if you look into pretty much any company hit by a hack, you'll find cost-cutting on IT to increase executive pay and bonuses.
Between the Iran-Iraq war, which the US was responsible for, and decades of sanctions, the US has by this point killed millions of Iranians. The real problem here is the general ignorance of the average American of America's 70+ years of war crimes against Iran [2].
I mean this as analysis, not justification. But at some point the incredulity at blowback rings hollow.
But given the growth in destructive power, particularly with the advent of the nuclear age, it became necessary to establish some rules or norms for war and I'm referring specifically to the Geneva Conventions [1]. Conventions here cover that wounded people and civilians aren't military targets. So it's not my opinion or Iran's opinion that matters.
The question then is do we live in an interntional rules-based order or not? The US and Israel have ignored the rules-based order in favor of "might is right" politics.
As for tech firms, I'm sorry but a company like Palantir has made itself a valid military target [2][3]. And if you work there, you are really no different from the Reaper Drone pilot who fires Hellfire missiles at, say, a wedding procession [4].
[1]: https://en.wikipedia.org/wiki/Geneva_Conventions
[2]: https://www.972mag.com/lavender-ai-israeli-army-gaza/
[3]: https://www.business-humanrights.org/en/latest-news/palantir...
Not just US tech firms. So-called dual-use has been embedded into all kinds of what was previously exclusively civilian infrastructure including telecoms networks and data centres.
Of course dual-use has always been a thing up to a point, but there has been a shift in recent years to bring it right to the heart of military doctrine.
For example the UK's Strategic Defence Review 2025 and the new Defence Industrial Strategy:
"A new £11bn ‘Invest’ annual budget has also been established under the NAD. This will fund kit for our front-line forces which is affordable and grows our UK industrial base. Our new partnership with industry and a decade of consistently rising defence spending will encourage more private finance to grow our world-leading scale-up and dual-use tech companies."
"Today, much of the best innovation is found in the private sector, while the increasing prevalence of dual-use technologies has widened the net of potential suppliers that can contribute to Defence outcomes."
The way things are going it won't just be tech firms that will be considered 'legitimate targets'.
Manufacture consent for what? Starting a war with Iran? The US already did that, and didn't need any sort of consent.
If anything, this sort of story is more likely to manufacture opposition to the war, because folks already think the war is stupid, pointless, and never should have happened, and now they're suffering more for it.
Are you suggesting that's an inside job and/or false flag attack? If it's not a false flag attack, why imply that the reporting must be to "manufacture consent"? Shouldn't you expect major hacks to be reported?
I'm saying that the media suddenly covering stories like this isn't a coincidence. The media is a tool of the state to manufacture consent. Media literacy goes beyond just looking at the facts in a story. It's also what's not mentioned, how is it presented, what stories are written, what stories aren't and, most importantly, why.
All social media companies manufacture consent for American foreign policy. Pretty much all American media does the same.
I find all this particularly funny because our media does the exact thing we accuse the likes of Chinese media doing it. We just pretend it doesn't happen here or are oblivious to it.
What I find bizarre, is that China and Russia do this daily, and "oh well". If such states sent over people to, you know, do damage using a bomb instead of a hack, there'd be trouble. As in, two towers were damaged, and it set off 20 years of war ... mostly against the wrong states.
Yet if you cause death via subtle means, such as reducing hospital infra, or attack and destroy infra via hacking, meh. Oh well!
This sort of falls inline with all other compute issues that appear before all elected bodies on the planet. An immense lack of understanding and comprehension, coupled with an inability to act.
It would take some unpleasant searching but I'm sure one can find the most recent incident of Hezbollah (not Hamas, Hezbollah are explicitly backed by Iran) either carrying out a missile or suicide bombing attach with the loss of Israeli civilian lives.
(disclaimer: the war of aggression against Iran by Israel and its decapitation attacks are also wrong)
It seems a really weird target for Iran otherwise.
Makes sense given that US citizens tend not to be too supportive of american wars, but tolerate them because it doesnt really affect them. So iran can get this to affect them then people might come out to the streets. Which would be especially effective in a midterms year like now.
Man itll be ironic as fuck if iran manages to enact regime change in the us before the us does in iran
Unlike Ukraine, it does not, so it seems to be focusing on cyber vandalism and blowing up oil infrastructure in US vassal states, and other low-cost, high-ROI activities.
Their goal is to make it too troublesome for the US/Israel to continue attacking them, like a swarm of bees attacking a bear to keep it away from their honey.
Iran is in it to win it and the US is so very obviously not.
The question is if the pressure that Israel can put on the current administration greater than the pressure that Iran can put on America as a whole.
Time will tell.
I guess they have some sensitive data on our emergency services organizations and their headquarters addresses and accounts payable people, maybe PII on signatories (officers, board members & “important people”) and whatnot.
Anyone know if it would be worse?
they have a tremendous catalog[0].
spend time in a hospital, dental office, rehab, etc and you'll see the logo plastered across everything.
[0]: https://www.stryker.com/us/en/portfolios/medical-surgical-eq...
Iran specifically takes care to underline that it is not "an enemy of the american people".
It's like how every country knows embassies are full of spies but they let them operate as diplomats anyway because they do the same thing.
Or in Iran’s case, they don’t.
There seem to be actual people getting killed, in an actual war (by another name, but we all know it's a war, with missiles and airplanes and bombs).
What ramifications you think is going to happen? They already have their country being bombed.
Russia have been running assassinations and sabotage programme using poison, bombs, small arms and radioactive material in the West for years with no real repercussions.
Like children, at school
https://www.npr.org/2026/03/11/nx-s1-5744981/pentagon-iran-m...
If you can find evidence the United States directly targeted a school with the intent of killing children and not just due to outdated intel (and somebody setting up a school in what was once part of an Iranian Revolutionary Guard naval base), maybe I'd change my mind.
Edit: this is one of those case where I would really love to see the face of the one who downvoted this comment.
This could make americans hate iran and demand retribution, but i think its more likely to make americans made at israel and their own governmnet for dragging them into it for no reason
If anything, it would manufacture opposition. The US general public blames the administration for any negative consequences resulting from the administration's war of choice: Attacks, high energy prices, further loss of US credibility, etc.
What do you mean "suddenly"? Per the reddit thread, they just got hacked yesterday. It's not like they were sitting on the story until the war broke out. Moreover I see hacks covered in the media all the time, even if there's no obvious russia/iran/north korea "manufacture consent" angle.
>Media literacy goes beyond just looking at the facts in a story. It's also what's not mentioned, how is it presented, what stories are written, what stories aren't and, most importantly, why.
There's a huge gulf between "taking every story at face value" and what you're doing which is seemingly assuming every story must be part of some sinister conspiracy to "manufacture consent".
There are constant hacks of companies. Most of them don't get covered. So there's that. But it's also how it's framed. It's an "Iranian cyberattack". Interesting.
Couldn't an equally valid headline be "Lax security results in Stryker getting hacked"? Probably (just guessing).
It's a bit like all the stories about the Chinese stealing IP and jobs. Ok, let's assume those claims are true and have been for decades. So why do companies keep offshoring there knowing this will happen? At what point do you blame short-term cost-cutting by bonus-hunting executives?
My point is that the media is playing along and you're going to get a lot of "Iran = bad" stories because of it.
Source? You can't just be like "some hacks don't get covered, this hack got covered, therefore there must be some ulterior motive behind this". If the baseline rate for reporting hacks is like 50% (random number), then the fact that it got reported doesn't tell us much. Moreover Stryker Corporation is a S&P 500 company, and this hack had major impact on their business. It's not just some data that got leaked, all their laptops/phones got wiped. It's exactly the type of hack that I'd expect to not get swept under the rug.
>It's an "Iranian cyberattack". Interesting.
Again, unless you're going for the false flag or inside job excuse, the hacker's note makes it pretty clear that it's Iranian backed, or at least by Iranian sympathizers.
>Couldn't an equally valid headline be "Lax security results in Stryker getting hacked"? Probably (just guessing).
>It's a bit like all the stories about the Chinese stealing IP and jobs. Ok, let's assume those claims are true and have been for decades. So why do companies keep offshoring there knowing this will happen? At what point do you blame short-term cost-cutting by bonus-hunting executives?
Same reason we don't put out headlines saying "women going to seedy club results in rape".
> closing the iranian borders from the outside indefinitely
Are you proposing to disrupt China-Iran shipping? Intercept even Chinese-flagged oil vessels? (not that there are many, most are still under flags of convenience)
Shoot down China-Iran civilian airliners? (again)
Do you think Trump's going to lose interest and declare victory while bombs are still flying over Bibi's head?
I suppose that just claiming victory doesn't mean the US stops fighting
heart rate monitors that go down and no one can get support for, cannot get replacement CAT scan equipment, etc.
People's AICDs aren't going to start exploding, but I'm pretty confident this will hamper care for many patients.
And it's not a war started, its a "war" responding to decades of heinous, vicious, deadly funding of terrorist organizations, and bombing of innocent civilians.
Defending Iran is akin to defending a serial murderer. Or complaining that the serial murdered got shot while resisting arrest. Ridiculous.
I sincerely hope the decent people of Iran do get rid of this ridiculous, religiously ran and controlled state.
> And it's not a war started, its a "war" responding to decades of heinous, vicious, deadly funding of terrorist organizations, and bombing of innocent civilians.
As if the US hadn't been antagonizing Iran for decades. Trump broke the nuclear agreements (which Iran had been following), then refused to negotiate new ones, then joined Israel in their bloodlust for muslim blood. This war is aimless, and only serves to radicalize the Iranian people against Israel and the US. Which will inevitably result in even more bloodshed down the line.
This is the most head-slapping part of this whole situation. We had a nuclear deal and he pulled the US out of it for no good reason (my read: because he just hates Obama that much that anything he did he wanted to undo). This situation is 100% on this president.
Assuming the killings weren't instigated by American or Israeli operatives
If a wiper actually hit internal systems, the bigger concern isn’t consumer data but disruption to manufacturing, logistics, and hospital support. That kind of outage could ripple through a lot of hospitals pretty quickly.
If Stryker stays down, supplies of some things will run out soon and many people will find themselves without medical procedures available.
IT systems around the country say that they have no access to your personal data and there they can only block access to Intune apps.
But the linked reddit thread[1] in this article notes personal devices getting wiped and locked out.
[1]: https://www.reddit.com/r/cybersecurity/comments/1rqopq0/stry...
iOS at least displays a very clear warning when you import the profile telling you exactly what it can do.
Not that this isn't awful, but it's good to be clear on what this can do when used within normal expectations.
Beyond that there are so many other things in intune you can use to prevent this sort of thing. Short lived / JIT credentials with MFA, ip restrictions, multi admin approval, rbac (role based fine tuned permissions eg help desk can't wipe, only retire ) etc. sounds like there were some big misses here.
Also sounds like they were in the system long enough to exfiltrate 50+ TB of data without setting off alarm bells.
So the options here are MDM or no MDM and that’s a hard choice. No MDM means that you have to trust all people to get things as basic as FDE or a sane password policy right. No option to wipe or lock lost devices. No option to unlock devices where people forgot their password. Using an MDM means having a privileged attack vector into all machines.
And to be clear, SCCM and Intune is a gun.
MS will not stop you from blowing your foot off with the gun.
Remember https://www.itprotoday.com/windows-7/aggressive-configmgr-ba... ?
>During TechEd 2014, Emory University's IT department prepared and deployed Windows 7 upgrades to the campuses computers. If you've worked with ConfigMgr at all, you know that there are checks-and-balances that can be employed to ensure that only specifically targeted systems will receive an OS upgrade. In Emory University's case, the check-and-balance method failed and instead of delivering the upgrade to applicable computers, delivered Windows 7 to ALL computers including laptops, desktops, and even servers.
Also elicit.
What you mean is the device enrollment on non-supervised devices, however and to my knowledge, enterprises do not use this, or if they do, it is very rare. (edit: And if they do, it's apparently a grave mistake.)
Anyway, the bombings will have to continue till we rubble our enemies.
An important book to read.
So many people think this started with the islamic revolution of the 70s. The meddling goes further in time.
Does anyone know if this is correct?
edit: 0 - on iOS this means enrolled via User Enrollment
Iran warns U.S. tech firms could become targets as war expands
Wipe all data kind of seems like the best kind of cyberattack if you have backups. No data falling into wrong hands, no left behind rootkits, no ransome threats etc
You won't necessarily be able to know that the data hasn't already been exfiltrated and that the backups aren't post-compromise. Or that by restoring the backup you won't get back to the state that allowed them to get in in the first place.
Are you referring to a paradigm where people make their systems less secure in the effort to make them more secure?
https://www.10news.com/news/local-news/authorities-warn-of-p...
Fox News drone expert:
https://nypost.com/2026/03/11/us-news/iran-could-use-drones-...
It's not in the strategic interest of Iran to do that, and they have been very strategic and rational. It's the Americans who have abandoned rationality. The Iranian goal is very clear: they don't want to sign an agreement and be attacked again in three months or one year.
In order to get that, they want a new security framework in its part of the world. They want Israel to suffer so its population think two times before doing this again. And they want to create enough economic pain to punish the current USA administration, again to teach a lesson.
Go beyond CNN or Fox News, listen to what the Iranians are saying (1).
surely a New York Post article quoting a Fox News "expert" will be factual, unbiased and not at all an attempt to pour more oil into the fire and manufacture consent to bomb a couple more girl's schools.
I don't even think they'd launch drones to DC either, they seem to be all in on attacking oil infrastructure as well as us bases & defense systems in the Middle East, rather than America.
BBC: Mystery New Jersey drones not from Iranian 'mothership' - Pentagon
https://www.bbc.com/news/articles/crrwz91wqd9o
It's certainly a theory / narrative that keeps appearing in the media.
That does not make any sense to me. Does Iran have a bunch of ships in the Pacific? Why? How would they even got close enough to the US coast without being noticed at this point?
I'm not saying it's not true, I just don't understand.
Iran is a state sponsor of Islamic terrorist groups worldwide and have contributed to thousands of deaths, including children. None of it is justified but let's not pretend it's one sided.
You can't trust people who paint Reza Pahlavi as a paragon of human rights and democracy. And neither you can trust every iranian refugee as a lot of those were corrupt members of the ruling government or worse, Savak members.
CISA was NOT another agency doing nothing.
Because they allegedly have a ship already in the Pacific loaded with drones.
DC and NY are way too far from Iran to launch any kind of attack; the only attack they can possibly do is from a ship, and ships can be anyplace where there's deep enough water.
However if they were going/able to do it, they probably wouldn't warn everyone and ruin the element of surprise, they would just do it.
Seems like a really dumb idea right now, unless maybe as a last resort if Trump decides to drop tactical nukes or something
Buncha drones in shipping containers that popped open once deep in-country
We do know that Russia et al sow division online as part of their anti western efforts, a strategy detailed in their "Foundations of Geopolitics" manual.
Do not use global admin or admin account as daily driver for one. Dont save it in browser etc either.
Limit roles, even within the application, here Intune.
Office 365 also has conditional access and many policy leavers to tweak, many cases of people locking themselves OUT of 365. So the gates work but you need to configure them.
"Break glass" global admin accounts now also require MFA. https://learn.microsoft.com/en-us/entra/identity/authenticat...
Human Rights Watch, MSF, UNICEF? Woke grievance factories, the lot of them /s . World Health Organization? US just left it. It's slim pickings out there.
https://support.microsoft.com/en-us/account-billing/download...
Maybe the US reacts differently, but in Europe most military bases have been scouted by Russian drones, and afaik none were shot down.
Yes, of course they want to continue to do what they've been doing and not be attacked for that. Yet it is just not possible. Iran's current regime overall main goal is the spread of Islamic Revolution. Hezbollah, Hamas, Houthis - these are typical metastasis of that spread. Terrorist acts, highly visible ones, is one of the effective tools of such a spread, and that way the terrorist acts are rational in the minds of Iran's regime and their above mentioned metastatic followers. There is no security framework possible which would still allow such a spread.
Anyway, it's kind of funny that the USA have military posts more than 7000 miles away from its borders, but the danger of 'expansionism' is from Iran.
We are in a fantasy propaganda land where Iran is attacked in the middle of negotiations and is Iran the guilty party. How many people have to die in those USA wars? I mean, enough is enough.
if you aren't familiar with Hezbollah, Hamas, Houthis - i highly recommend reading on it, even if just in Wikipedia.
>How many people have to die in those USA wars? I mean, enough is enough.
I think most important isn'h how many, the most important is who. Iran's regime has just indiscriminately killed 20-30K innocent civilians and uncountable many have been tortured. That is a crime against humanity. So, the top of Iran's regime and its IRGC has to be punished. I'm fine with that punishment being US and Israel's missiles.
Was there a time in the last several thousand years when there was not a "significant amount of recent X immigrants"?
No there was not. The whole region is layers upon layers upon layers of waves of immigration of different groups.
This kind of aggression, however, does seem to make their value as a deterrent clear.
Observe how nobody is fucking with North Korea like they did with Iraq or Venezuela.
Also in a "if I'm going down, everyone else is going down with me", which is Ian's strategy in this war (for good reasons). If the IRGC had nukes, and was severely threatened (like, killing the Supreme Leader and threatening to kill all of the replacements until they bend to the US/Israel will), they might have decided to go out "with style".
To be clear I don't like the idea of MAD one bit. But this is indeed how it's meant to work.
Unlike NK, Iran has a leadership that declared destroying some countries their raison d'etre.
They want Islam to dominate the world, that can't happen if there isn't a world left to dominate.
For Stryker specifically? We don't and probably won't know details.
For companies in general? Background checks, security clearance etc are done if the company determines this necessary and are willing to pay for the process and higher salary.
MFA in general had to be forced on companies, and then it is most often in software on a phone.
Here are some rough numbers.
google_workspace:
total_active_users: "3 billion (includes free/consumer Gmail)"
paid_business_customers: "11 million companies (2024)"
paid_customer_growth: "+1 million companies in under 1 year (2023-2024)"
global_business_market_share: "~50%"
fortune_500_presence: "minority share, weaker than Microsoft in enterprise"
mfa_with_yubikeys:
internal_google_employees: "100% use hardware keys (Yubikey/Titan) — since 2017"
fido_u2f_origin: "Google co-created U2F standard with Yubico post-Operation Aurora"
estimated_user_adoption_pct: "~1-3% of all Workspace users (inference, not published)"
concentration: "Highest in finance, government, tech/security-conscious orgs"
typical_majority_mfa_method: "TOTP apps (Google Authenticator) or SMS"
enterprise_passkey_deployment_2025: "87% of US/UK enterprises deploying or have deployed passkeys (FIDO Alliance — includes all hardware key types, not Yubikey-specific)"
microsoft_365:
total_active_users: "~270 million (commercial)"
paid_business_customers_us: "~1 million active US business customers"
us_company_penetration: "~3% of all US companies"
global_business_market_share: "~45%"
fortune_500_presence: "~75% of Fortune 500"
mfa_with_yubikeys:
exact_stat_available: false
note: "Same data gap as Workspace — no published breakdown"
caveats:
- "Google's 3B user figure conflates consumer and business — not comparable to Microsoft's 270M commercial figure"
- "Market share figures vary by methodology (seats vs revenue vs orgs)"
- "Yubikey adoption % is an industry inference; treat as directional only"
- "Passkey != Yubikey — FIDO Alliance 87% figure covers all FIDO2/passkey methods"You said: "$group has been meddling in the Middle East since $group was created"
I said: "groups have been meddling in the Middle East for millenia."
You disagreed, apparently because you're choosing to define "the current situation" as "Zionists meddling in the Middle East" so I suppose you're tautologically correct that the "current situation" has been around as long as they have.
Saying "the situation with the Zionists has existed as long as Zionism has existed" is the same as saying "the situation with Homo sapiens has existed as long as Homo sapiens has".
Israel's regime has killed twice that many in Gaza. Shouldn't they be prioritized for "punishment"?
Israel started the war in response to the genocide of Oct 7. So all the legitimate collateral victims and damage from Israel's actions here is responsibility of the perpetrators of Oct 7.
You aren't calling for prosecution of the perpetrators of Oct 7. That is already shows your colors.
Anyway, the number of killed you cite comes directly from Hamas (its Ministry of Health stated those numbers to UN). Hamas is a terrorist org, and can't be trusted at all.
There is no evidence that Israel killed civilians in any meaningful numbers, and that the killings were criminal and not legitimate collateral.
Now, there is a million of cell phones in Gaza. After several years of watching Ukraine war anybody knows the amount of cell footage to expect. Some Russian killings in Bucha were recorded by reconnaissance drone for example. Russian soldiers posted videos of them executing POWs, security cameras recorded Russian soldiers marauding and so forth. Where is pretty much no footage comes from Gaza. "Israel soldiers shoot at the crowd at food distribution center" and nobody recorded anything (especially giving that according to Hamas it happens regularly - and still no footage!)
And on rare occasions when some footage comes out - the analysis in the example below shows that the basic laws of physics wouldn't let even 20 people to be killed when Hamas claimed 400-800 in that "bombing of hospital" (again, if you watch war footage, you'd know what gore of several people killed by explosion would look like, and no way the parking lot would look that way just the morning several hours later - where is all the blood for example? it is pretty obvious that the asphalt hadn't been washed by the time photo was made so blood should be there even if they picked up all the bodies and parts of it)
>You aren't calling for prosecution of the perpetrators of Oct 7. That is already shows your colors.
The world did not start on October 7th, and it's completely disingenuous to suggest otherwise, which shows YOUR colors. I could equally state " all responsibility lies with the perpetrators of the Nakhba".
>Anyway, the number of killed you cite comes directly from Hamas (its Ministry of Health stated those numbers to UN). Hamas is a terrorist org, and can't be trusted at all.
If the number can't be trusted, why is the IDF acknowledging it?
https://www.timesofisrael.com/idf-believes-70000-gazans-kill...
> There is no evidence that Israel killed civilians in any meaningful numbers, and that the killings were criminal and not legitimate collateral.
If this is your position no further discussion is needed. There is nothing meaningful to be gained from engaging with you. I don't know if you guys realize how insane you appear to every other human being on the planet when you try to gaslight us into thinking the piles of evidence of dead women and children either doesn't exist or is somehow accidental.
Why was Hamas created? From wikipedia: "was founded by Palestinian Islamic scholar Ahmed Yassin in 1987 after the outbreak of the First Intifada against the Israeli occupation"
What about the Houthis? From wikipedia: "The formation of the Houthi organisations has been described by Adam Baron of the European Council on Foreign Relations as a reaction to foreign intervention."
But sure, the problem is Iran.
There is not evidence about that 20-30k civilians dead. I could say it was 3 and I would have the same proof that you have.
This rationale of 'Iran is not democratic enough' (despise they have a constitution, a parliament and elections) but I will support Saudi Arabia (that light of human rights in the middle east) is nonsense.
All this is done for the geopolitical interest of USA, the oil and Israel. Anyone that say otherwise is taking us for idiots.
As i said you don't know what you're talking about. You seem to be just blabbering some gibberish. I'm not engaging with you anymore here.
https://www.rferl.org/a/iran-protest-death-toll-ofogh-tv/336...
"The government of Iran's reformist President Masud Pezeshkian has published the names and national ID numbers of 2,985 individuals killed during recent nationwide protests."