ADVERTISEMENT

Stryker cyberattack delays surgeries as CISA warns to harden Microsoft systems

Stryker said Wednesday that last week’s cyberattack has now delayed some surgeries, as CISA warns attackers are targeting Microsoft endpoint management systems used by US organizations.

Stryker cyberattack

Samuel Boivin/NurPhoto via Getty Images

Stefanie Schappert
Stefanie Schappert Senior Journalist
Mar 19, 2026 Updated: 19 March 2026 3 min read
Key takeaways:

Surgeries delayed as Stryker disruption spreads

Stryker LifePak defibrillator device
Stryker LifePak defibrillator device. Image by Stryker
Handala Stryker post
Pro-Iran hacktivists Handala claim the wiper attack on Stryker was in retaliation for the March bombing of an Iranian school. handala leak site. Image by Cybernews.
Stryker Corporation
Stryker is headquartered in Kalamazoo, Michigan. The Fortune 500 company was founded in 1941. Image by JHVE Photo | Shutterstock

CISA flags Microsoft systems as key risk

CISA Microsoft Advisory
The US Cybersecurity and Infrastructure Security Agency (CISA) issues an advisory warning US organizations to harden Microsoft systems in the aftermath of a devastating cyberattack on the Stryker Corporation. Image by Cybernews
ADVERTISEMENT
Intune Company Portal
Microsoft's Intune Company Portal application shown on Smartphone screen. Image by Bangoland | Shutterstock
  • apply the principle of least privilege when assigning administrative roles
  • use role-based access control (RBAC) to limit permissions
  • enforce phishing-resistant multi-factor authentication (MFA)
  • strengthen privileged access protections using Microsoft Entra ID features, including conditional access and risk-based controls
  • require multiple administrators to approve high-impact actions, such as device wiping, configuration changes, and script execution
  • deploy privileged identity management (PIM)
  • align endpoint configurations with zero-trust security principles

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

Handala claims it wiped 12 petabytes of data

Handala logo
Handala hack Team logo. Image by Cybernews.
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

ADVERTISEMENT