Liputan6.com, Jakarta - Stryker Corporation, a global medical technology giant, was struck by a cyberattack on the evening of March 11, 2026.
A hacker group calling itself Handala claimed responsibility for the incident, which caused operational disruption in multiple countries.
Advertisement
As a result of the cyberattack, thousands of employees worldwide were unable to access systems, communicate, or work, disrupting the operations of the company, which manufactures crucial medical devices.
Handala stated the attack was retaliation for the US-Israel military conflict against Iran and Stryker's ties to Israel.
This attack marked a significant escalation in global cyberwarfare, being the first destructive attack directly targeting a major US company in connection with a regional conflict.
Global Impact of the Cyberattack
The cyberattack that hit Stryker Corporation caused a severe global network disruption in the company's Microsoft environment.
Thousands of employees in the United States, Ireland, and Australia reported being unable to access their work systems.
Many work devices, including personal phones with Stryker work profiles, were reportedly wiped by hackers.
The scale of the attack was so extensive that it forced Stryker offices in 79 countries to temporarily close.
The disruption effectively crippled the company's computer network, forcing employees to return home and forcing the offices to close completely.
Alexander Leslie, a senior advisor at Recorded Future, highlighted the escalation in the target selection and impact of this attack.
Handala's Claim and Motives Behind
The Handala hacking group, believed to be pro-Palestinian hacktivists linked to Iran and possibly a front for the Iranian Ministry of Intelligence (MOIS), claimed full responsibility for the cyberattack.
They claimed to have successfully exfiltrated 50 terabytes of critical data from Stryker's systems.
In addition to the data theft, Handala also claimed to have wiped over 200,000 of the company's systems, servers, and mobile devices.
This group has been active since the start of the US-Israel-Iran conflict, with a history of cyberattacks against Israeli infrastructure.
Handala stated that this attack was in retaliation for US-Israeli military attacks on Iran, particularly the incident at the Minab school in Iran, which killed many people.
They also cited "continued cyberattacks against Axis of Resistance infrastructure" as another reason.
Stryker was targeted because of the company's ties to Israel, including the acquisition of Israeli company OrthoSpace in 2019 and a $450 million contract with the US Department of Defense.
Stryker's Response
In response to the incident, Stryker confirmed a global network disruption to its Microsoft environment as a result of the cyberattack.
However, the company stated there was no indication of ransomware or malware and believed the incident had been contained.
The Stryker team worked quickly to understand the impact of the attack on its systems and collaborated with cybersecurity experts.
They also engaged Microsoft engineers to investigate and remediate the affected systems.
The nature of this attack appears to involve destructive wiper malware, designed to permanently wipe systems and data.
Wiper malware typically initiates through phishing emails, malicious downloads, or compromised websites, then spreads within networks to wipe files, databases, and entire drives.