{"id":28318,"date":"2026-03-20T03:46:14","date_gmt":"2026-03-20T03:46:14","guid":{"rendered":"https:\/\/microvibenews.com\/?p=28318"},"modified":"2026-03-20T03:46:14","modified_gmt":"2026-03-20T03:46:14","slug":"cisa-urges-companies-to-secure-microsoft-intune-systems-after-hackers-mass-wipe-stryker-devices","status":"publish","type":"post","link":"https:\/\/microvibenews.com\/?p=28318","title":{"rendered":"CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices"},"content":{"rendered":"<p><br \/>\n<\/p>\n<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned companies to secure systems for managing their fleets of employee devices after pro-Iran hackers broke into <a href=\"https:\/\/techcrunch.com\/2026\/03\/17\/stryker-says-its-restoring-systems-after-pro-iran-hackers-wiped-thousands-of-employee-devices\/\">medical tech giant Stryker<\/a> and mass-wiped thousands of its phones, tablets, and computers.<\/p>\n<p class=\"wp-block-paragraph\">The agency <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/03\/18\/cisa-urges-endpoint-management-system-hardening-after-cyberattack-against-us-organization\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">said on Thursday<\/a> that it was urging companies to take action and confirmed it was aware that hackers used their access to Stryker\u2019s Windows-based network to misuse its device endpoint systems, causing ongoing outages to the company\u2019s global operations.<\/p>\n<p class=\"wp-block-paragraph\">Among the advice, CISA said network administrators should ensure that certain user accounts that have access to systems like Microsoft Intune, which Stryker uses to remotely manage its employees\u2019 devices, can only make sensitive or high-impact changes (such as wiping devices) with a second administrator\u2019s approval.<\/p>\n<p class=\"wp-block-paragraph\">Stryker, which develops medical devices and equipment for hospitals, confirmed on March 11 that it had been hacked, saying it was experiencing \u201cglobal disruption\u201d to its network.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">The company said the hackers did not deploy malware or ransomware, but <a href=\"https:\/\/techcrunch.com\/2026\/03\/17\/stryker-says-its-restoring-systems-after-pro-iran-hackers-wiped-thousands-of-employee-devices\/\">reports say<\/a> that the hackers abused their access to Stryker\u2019s internal systems to access its Intune dashboards to remotely delete the data stored on tens of thousands of employee devices, including personal phones and computers connected to Stryker\u2019s network.<\/p>\n<p class=\"wp-block-paragraph\">Stryker has since said it contained the cyberattack and is restoring its systems. While the company\u2019s medical devices remain operational, Stryker said its supply, ordering, and shipping systems remain offline.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Stryker has not given a timeline for its recovery. The company did not respond to TechCrunch\u2019s request for comment.<\/p>\n<p class=\"wp-block-paragraph\">A group of pro-Iran hacktivists, known as Handala, <a href=\"https:\/\/techcrunch.com\/2026\/03\/11\/stryker-hack-pro-iran-hacktivist-group-handala-says-it-is-behind-attack\/\">took credit for the cyberattack on Stryker<\/a> last week, saying it hacked the company in retaliation for the U.S. killing of dozens of children in an air strike on a school in Iran. The hackers claimed to have stolen reams of data from the company\u2019s network, but did not immediately provide evidence for that claim.<\/p>\n<p class=\"wp-block-paragraph\">The FBI seized the Handala group\u2019s website on Wednesday, <a href=\"https:\/\/techcrunch.com\/2026\/03\/19\/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack\/\">TechCrunch reported<\/a>.<\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/techcrunch.com\/2026\/03\/19\/cisa-urges-companies-to-secure-microsoft-intune-systems-after-hackers-mass-wipe-stryker-devices\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Cybersecurity and Inf&hellip; <\/p>\n","protected":false},"author":1,"featured_media":28319,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[249],"tags":[10843,10202,1662,2539,11080,5015],"_links":{"self":[{"href":"https:\/\/microvibenews.com\/index.php?rest_route=\/wp\/v2\/posts\/28318"}],"collection":[{"href":"https:\/\/microvibenews.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microvibenews.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microvibenews.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microvibenews.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=28318"}],"version-history":[{"count":0,"href":"https:\/\/microvibenews.com\/index.php?rest_route=\/wp\/v2\/posts\/28318\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/microvibenews.com\/index.php?rest_route=\/wp\/v2\/media\/28319"}],"wp:attachment":[{"href":"https:\/\/microvibenews.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=28318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microvibenews.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=28318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microvibenews.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=28318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}