伊朗的黑客通过微软Intune攻击了Stryker系统, 在全球范围内干扰了五天. Iran-linked hackers attacked Stryker’s systems via Microsoft Intune, disrupting operations globally for over five days.

美国国际安全局警告各组织加强微软Intune的安全性, 因为医疗设备制造商Stryker遭受网络攻击导致全球运营中断了五天. CISA has warned organizations to strengthen security for Microsoft Intune after a cyberattack on medical device maker Stryker disrupted global operations for over five days. 据称是为了报复伊朗一所女生学校遭到袭击. The breach, linked to Iran-linked hackers known as Handala, targeted endpoint management systems and was claimed in retaliation for a strike on a girls’ school in Iran. 国际情报机构确认正在进行的恶意活动,并敦促公司采用微软的安全最佳实践,包括基于角色的访问控制,防鱼MFA和特权访问管理. CISA confirmed ongoing malicious activity and urged companies to adopt Microsoft’s security best practices, including role-based access control, phishing-resistant MFA, and privileged access management. 虽然Stryker表示没有患者服务或连接设备受到损害, 但攻击延迟了一些手术. While Stryker said no patient services or connected devices were compromised, the attack delayed some surgeries. 美国国际安全局正在与联邦调查局合作评估威胁并制定减轻风险的战略. CISA is working with the FBI to assess threats and develop mitigation strategies.