Iran-Backed Handala Hackers Claim Devastating Wiper Attack on Stryker

Stryker Corporation, one of the world's largest medical device manufacturers, is reeling from what appears to be a massive, state-sponsored wiper attack. The Iran-affiliated hacktivist group Handala has claimed responsibility for the destruction, stating they have wiped over 200,000 systems, servers, and mobile devices across the company's global network.

Why it Matters

Unlike ransomware, wiper attacks have no decryption key and no negotiation phase. The goal is pure destruction. For a $25 billion medical company like Stryker, this represents a catastrophic break in the supply chain and potential risk to patient data and device manufacturing schedules.

The Attack: 200,000 Systems Wiped

Reports from Stryker's Cork, Ireland headquarters indicate that "anything connected to the network is down." The group Handala, linked to Iran's Ministry of Intelligence and Security (MOIS), claims the attack is in retaliation for recent regional military actions.

Scope: 79 countries affected.

Impact: 5,000+ workers sent home, global IT infrastructure neutralized.

Malware: Destructive wiper variant with no recovery path.

The Verdict

The Stryker attack marks a significant escalation in nation-state cyber warfare, moving from espionage to mass infrastructure destruction. Healthcare and medtech organizations must now treat wiper malware as a primary threat, prioritizing immutable offline backups and radical network segmentation.

Sources & References

KrebsOnSecurity: "Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker"

Palo Alto Networks Unit 42: Iranian Cyberattacks 2026 Report