Iranlinked

March 19 (UPI) — The Federal Bureau of Investigation took down two websites that belong to an Iran-linked hacker group after it staged a global cyberattack on an American medical equipment company last week.

Two websites used by the group Handala — one that contained information about its hacks and the other used to dox people it alleges work with the Israeli military and related companies — were pulled down by the FBI on Thursday, NBC News and Techcrunch reported.

Handala was behind a “wiper attack” on the medical device maker Stryker’s computer system on March 11, which it said was in retaliation for a deadly strike on the Shajareh Tayyiba girls school in Minab, Iran.

“Law enforcement authorities determined this domain was used to conduct, facilitate, or support malicious cyber activities on behalf of, or in coordination with, a foreign state actor,” a message left on both websites by the FBI said.

Portage, Mich.-based Stryker, which employs 50,000 people worldwide and manufactures a variety of medical devices, including orthopedic implants, surgical instruments and imaging systems, was forced to shut down for the day because of the global attack.

The attack affected the company’s internal Microsoft corporate environment and was not a ransomware attack, it said four days after the attack, after determining that no malware had been installed and the system was able to be restored.

Handala, which has been active since Oct. 7, 2023, is believed to be linked to Iran’s Ministry of Intelligence and Security, American and Israeli cyber security experts have said.

The group is thought to have attacked Stryker because it was awarded a $450 million contract by the Department of Defense last year, and said at the time that the attack specifically was in response to the U.S. bombing of the school.

Handala acknowledged on Telegram that its websites were no longer under its control, and said that the “aggressive action reveals the extent to which the enemies of truth will go to silence voices that unveil their atrocities.”

“To all truth-seekers and defenders of justice, we inform you that the Handala RedWanted website, which was dedicated to exposing Zionist crimes and raising global awareness, has also been seized and taken offline by order of the FBI,” Handala said, noting that a new website is under construction.

In the wake of the attack, experts have told UPI it should be a wake-up call for a wide swatch of U.S. companies that may have similar gaps in security, especially because rather than demanding ransom, the purpose of this attack was to destroy information and wreak havoc.

March 11 (UPI) — Medical device maker Stryker is experiencing a global tech issue Wednesday from a cyberattack by a group of pro-Iranian hackers.

Employees found their work devices locked up with the symbol of the hacker group Handala displayed on their screens. It is being described as a “wiper attack,” not meant to extort money but to cause maximum damage to Stryker’s systems.

Handala has claimed responsibility for the cyberattack in a social media post, writing that it is retaliation for the deadly strike on the Shajareh Tayyiba girls school in Minab, Iran.

“We announce to the world that, in retaliation for the brutal attack on the Minab school school and in response to ongoing cyber assaults against the infrastructure of the Axis of Resistance,” the post reads. “In this operation, over 200,000 systems, servers, and mobile devices have been wiped and 50 terabytes of critical data have been extracted.”

The cyberattack has not only impacted employees in the United States but also employees in Ireland.

“Stryker is experiencing a global network disruption to our Microsoft environment as a result of a cyberattack,” Stryker said in a statement. “We have no indication of ransomware or malware and believe the incident is contained. Our teams are working rapidly to understand the impact of the attack on our systems. Stryker has business continuity measures in place to continue to support our customers and partners.”

Stryker is headquartered in Portage, Mich., and employs 50,000 people worldwide, including about 1,000 at its headquarters. It manufactures an array of medical equipment including orthopedic implants, surgical instruments and imaging systems. It is one of the largest medical technology manufacturers in the world.

The headquarters closed for the day on Wednesday with signs posted on its doors warning workers not to access Stryker’s network, use its devices or connect to its WiFi.