- It appears personal devices were also impacted by this via Microsoft Intune. That app is presented to employees as a way to get their email/slack on their personal device without giving IT systems access to it.
IT systems around the country say that they have no access to your personal data and there they can only block access to Intune apps.
But the linked reddit thread[1] in this article notes personal devices getting wiped and locked out.
[1]: https://www.reddit.com/r/cybersecurity/comments/1rqopq0/stry...
by marijan_div
1 subcomments
- Stryker is far more than ambulance gurneys. They’re one of the largest med-tech suppliers, with equipment in operating rooms, ICUs, and surgical departments everywhere.
If a wiper actually hit internal systems, the bigger concern isn’t consumer data but disruption to manufacturing, logistics, and hospital support. That kind of outage could ripple through a lot of hospitals pretty quickly.
by JonChesterfield
3 subcomments
- So gain access to a machine that can ask microsoft intune to eviscerate the company, ask it to do so, done. Bit of a shame all the machines had that installed really. Reminds me of crowdstrike.
- Does InTune have some sort of check that goes "if over 1% of devices are wiped within a certain timeframe, stop all new device wipe requests"? Seems like it should be a feature, especially if these kinda attacks pick up.
by globemaster99
1 subcomments
- American terrorists are really understanding what might be the consequences when they push people to end of their survival. The people of iran are fighting for their survival and they got nothing to loose.
Things are just getting started.
- Killing 175 children would illicit such a response also from USA hackers.
- If Intune wiped personal devices that’s a serious failure. BYOD setups are supposed to wipe only the work container, not the whole phone. Either those devices were fully enrolled in MDM without people realizing or someone pushed the wrong wipe policy during incident response. Would be good to see confirmation from affected employees.
- Hacktivists? Looks more like state actors.
- Patriot of Persia https://www.goodreads.com/book/show/12202123-patriot-of-pers...
An important book to read.
So many people think this started with the islamic revolution of the 70s. The meddling goes further in time.
- Medtech firms consistently underinvest in corporate network cybersecurity because almost all their security and compliance spending goes to device safety requirements, not IT hardening. This is exactly the kind of gap wiper attacks target.
by akramachamarei
0 subcomment
- Astounding amount of censorship in these comments.
by cobbzilla
1 subcomments
- My only knowledge of this company is as a manufacturer of gurneys for ambulances.
I guess they have some sensitive data on our emergency services organizations and their headquarters addresses and accounts payable people, maybe PII on signatories (officers, board members & “important people”) and whatnot.
Anyone know if it would be worse?
- So... did they have backups?
Wipe all data kind of seems like the best kind of cyberattack if you have backups. No data falling into wrong hands, no left behind rootkits, no ransome threats etc
- Never add your personal device to a companies MDM…
- One irony here is that Stryker makes their partners and suppliers jump through so many cybersecurity hoops. I’m talking months and ridiculous demands. Then they get hacked themselves. They should have gotten their own shit together as well.
by camillomiller
2 subcomments
- Seems dire but hardly a supply chain disrupting attack. Stryker is a huge supplier but it not as if this will debilitate the medical supply chain completely.
Seems like the hackers found a door they could kick open easily and then justified the action ex-post.
by jacquesm
11 subcomments
- I'm trying to imagine the kind of response the USA would inflict on a country that wiped a girls school stateside.
by RcouF1uZ4gsC
1 subcomments
- I wonder if there was some confusion between Stryker the Army infantry vehicle and Stryker the medtech company.
It seems a really weird target for Iran otherwise.
- That's a shame, they make impressive products
by shevy-java
0 subcomment
- So their own faulty security is now blamed on others. That's not new.
by renewiltord
1 subcomments
- They’ve been around for a while. Threat actors are something that I want our governments to be working on stopping. If they were capable, I would say we should run a government Project Zero but I doubt anyone would do long term service for $70k/yr when they could be making 10x-100x that.
Anyway, the bombings will have to continue till we rubble our enemies.
- Isn't it a weird coincidence that soon after the US and Israel started an unprovoked and unnecessary war (that billionaires will profit handsomely from, as an aside) that we get stories like this to manufacture consent?
I belive that US tech firms have increasingly become valid military targets. There was a post about this yesterday [1]. BUT I don't think that extends to hospitals and medical supplies, regardless of who owns them or if they treat soldiers or not.
But, as best as I can tell, the company has been inconvenienced, possibly massively. Let's put this in context. The US launched a Tomahawk missile at a school and killed 160 school girls.
And I bet that if you look into pretty much any company hit by a hack, you'll find cost-cutting on IT to increase executive pay and bonuses.
Between the Iran-Iraq war, which the US was responsible for, and decades of sanctions, the US has by this point killed millions of Iranians. The real problem here is the general ignorance of the average American of America's 70+ years of war crimes against Iran [2].
I mean this as analysis, not justification. But at some point the incredulity at blowback rings hollow.
[1]: https://news.ycombinator.com/item?id=47341007
[2]: https://news.ycombinator.com/item?id=47342791
by ChrisArchitect
1 subcomments
- Related:
Iran warns U.S. tech firms could become targets as war expands
https://news.ycombinator.com/item?id=47341007
- The "Fucking for Virginity" approach to infosec strikes again!
by assaddayinh
0 subcomment
- [dead]
- [dead]
- [dead]
- [dead]
- [flagged]
- [flagged]
by geobuk-dosa
0 subcomment
- [flagged]
by DeathArrow
1 subcomments
- So US and Israel wipe out a school filled with children and Iranian hackers delete some data as retaliation?
- I absolutely think there should be ramifications for such acts.
What I find bizarre, is that China and Russia do this daily, and "oh well". If such states sent over people to, you know, do damage using a bomb instead of a hack, there'd be trouble. As in, two towers were damaged, and it set off 20 years of war ... mostly against the wrong states.
Yet if you cause death via subtle means, such as reducing hospital infra, or attack and destroy infra via hacking, meh. Oh well!
This sort of falls inline with all other compute issues that appear before all elected bodies on the planet. An immense lack of understanding and comprehension, coupled with an inability to act.
by jamesmishra
1 subcomments
- Some people on Twitter have jokingly suggested that the Iranians were looking for the maker of the Stryker military vehicle.
https://en.wikipedia.org/wiki/Stryker
- They are trying to hurt innocents in retaliation for the US murdering their children. I understand the sentiment, but strongly disagree with acting on it. Ukraine has done a much better (of course not perfect) job of retaliating against military targets in response to russian war crimes.
Hacker News