What the Stryker cyberattack teaches us

A March 11, 2026 destructive wiper-style attack against Stryker reportedly disrupted operations for 56,000 employees across 79 countries and may have abused Microsoft Intune administrative controls to issue remote wipe/reset commands; investigators report no evidence of medical device compromise so far. The report highlights the risk of attackers abusing device-management infrastructure, outlines recommended mitigations (conditional access, least privilege, monitoring, device inventory, and ringfencing key processes), and emphasizes adopting Zero Trust principles to limit impact from similar attacks.