Exposure Brief: Iranian-Linked Wiper Attack on Global Medtech Firm Stryker

On March 11, 2026, Stryker Corporation was hit by a destructive wiper attack attributed to Handala (an Iranian-linked actor) that erased data across its global Windows environment—likely via compromise of Microsoft Intune administrative access—disrupting manufacturing and wiping laptops, servers, and mobile devices; the report describes impact, Censys findings about exposed Internet-facing assets, and recommends mitigations such as phishing‑resistant MFA, conditional access, monitoring for anomalous MDM activity, and tested incident response plans.