A cyberattack claimed by pro-Iran hackers has caused a “global network disruption” to a major U.S. medical device maker, according to a company statement.
Michigan-based Stryker “is experiencing a global network disruption to our Microsoft environment as a result of a cyberattack,” the company said in a statement to CNN. “We have no indication of ransomware or malware and believe the incident is contained. Our teams are working rapidly to understand the impact of the attack on our systems. Stryker has business continuity measures in place to continue to support our customers and partners.” Stryker makes a range of hospital equipment, from defibrillators to ambulance cots. The company’s computers in Ireland were also hit by the cyberattack, according to local media reports. Stryker say it serves more than 150 million patients through its health equipment and services. It was unclear what immediate impacts, if any, the hack had on Stryker’s provision of medical equipment to U.S. hospitals. Cybersecurity executives across the health sector told CNN on Wednesday they were on alert for any impacts.
One piece of Stryker equipment apparently disrupted by the cyberattack was an IT system called Lifenet, which emergency responders use to communicate patient data to hospitals.Maryland’s Institute for Emergency Medical Services (EMS) Systems, which oversees the state’s emergency medical services, told hospitals in the state Wednesday that it had received multiple reports that Stryker’s Lifenet electrocardiogram transmission system was “non-functional in most parts of the state.” “Until the transmission capability has been restored, EMS clinicians should initiate radio consultation with the receiving hospital,” read the notice from the Maryland emergency services agency, which CNN obtained.
“A message was sent in abundance of caution until the situation can be resolved,” Todd Abramowitz, a spokesperson for the agency, told CNN in an email when asked for comment. “No effect on patient care, paramedics convey their interpretation verbally as they do all the time, routinely.”..
In a social media post on Wednesday, the hacking group that claimed responsibility said the Stryker hack was retaliation for a missile strike on an elementary school in Iran, which Iranian state media has claimed killed at least 168 children. The Pentagon is investigating that incident…
Hospitals are trying to determine whether they should disconnect Stryker equipment from hospitals systems. “Stryker needs to quickly become more forthcoming as hospitals are faced with dilemma of whether to cut off Stryker or not,” a cybersecurity executive in the health care sector told CNN. “Stryker publicly claims situation is ‘contained.’ What does that mean?”
The Wall Street Journal reported earlier on the pro-Iran hack. Stryker’s shares fell more than three per cent following that report.
Iran-linked hackers had been largely quiet in terms of attacks on U.S. organizations since the war began last month. Email security firm Proofpoint said Wednesday that its tracking of known Iranian groups had turned up only one hacking campaign — an attempt to hack a U.S. think tank employee — since the war began. “Too much of cybersecurity is focused on lower consequence breaches from financially motivated enemies, while we’re increasing our exposures to nation states and other enemies who seek to disrupt and destroy,” Joshua Corman, a cybersecurity expert who has focused on the health sector for years, told CNN. “China, Iran, Russia, etc. all have the means, motive, and opportunity to deal us devastating disruptions.”
Despite the U.S. and Israel’s bombardment of Iranian government facilities, Wednesday’s hack showed that Tehran still has hackers capable of inflicting damage, cybersecurity analysts said.
“Cyber operations don’t require much infrastructure,” said Alex Rose, global head of government partnerships at cybersecurity firm Sophos. “A laptop and an internet connection can be enough to reach out and wreak havoc.”
Source: ctvnews.ca/world
