Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
-
@briankrebs apparently, they're claiming Verifone now as well.
Stryker cyberattack: Iranian group claims responsibility - 'Erased 200,000 systems, extracted 50 terabytes of data' | Today News
In a statement, Handala referred to the US missile attack on a girls' school in Minab city of Iran, which killed dozens, as one of the reasons for the hacking.
mint (www.livemint.com)
-
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
#stryker #handala #intune #wiper #cybersecurity
@briankrebs The hacker's ripped out Stryker's
appendix. -
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
#stryker #handala #intune #wiper #cybersecurity
@briankrebs #Microslop strikes again!
#HackMicrosoft -
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
#stryker #handala #intune #wiper #cybersecurity
Windows. No surprise.
-
Also curious as to why Stryker in particular.
@beisbolcards @tomjennings @briankrebs
When my daughter was born, just about every product I came in contact with at the hospital had a Stryker logo on it, not hyperbole. I believe they might be the largest medical supplier in the US(edit: they're number 6, I looked it up). If this is a worst case scenario and it takes 6 months to fulfill orders, it may have much broader consequences on the general public than just being an epic data wipe.
-
Work: If you don't accept these terms that allow us to wipe your device, you won't be able to access Exchange via mobile.
Me: Win-win, mother fuckers!@geniodiabolico holy shit, never install corporate spyware from your employer on a personal device. If your employer won't provide a device then use a cheap second device.
-
@geniodiabolico holy shit, never install corporate spyware from your employer on a personal device. If your employer won't provide a device then use a cheap second device.
@AlexanderMars That was literally the point of my post.
-
@briankrebs apparently, they're claiming Verifone now as well.
@Fringedcrow @briankrebs Neat graphics, this may be sophisticated, I don’t know, but until the full Trumpstein photos and videos and files are exposed on a Times Square billboard I’ll still yawn.
-
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
#stryker #handala #intune #wiper #cybersecurity
@briankrebs Intune the attack vector, nice.
-
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
#stryker #handala #intune #wiper #cybersecurity
Added this as an update to the story on the wiper attack on medtech giant Stryker, which doesn't just sell medical devices: A number of hospitals have opted to disconnect from Stryker's online services to minimize risk from the attack, including LifeNet, a service used by countless hospitals to send EKGs etc. from emergency responders to the emergency room in advance of the patient arriving (to speed up treatment, minimize heart tissue damage, etc). Some states, e.g., Maryland, actually require the transmission of this information, and are asking providers who have disconnected from LifeNet to start using the phone to describe the results of EKGs recorded by emergency personnel in the field.
-
R relay@relay.infosec.exchange shared this topic
