Stryker Manufacturing Network Returns to Full Operations After Iranian Cyberattack, Production Moving Toward Peak Capacity

Portage Medical Device Giant Back in Business After Severe Cyber Disruption

*PORTAGE, Mich.* — Stryker, one of the world's leading medical technology companies, has announced that its global manufacturing network has returned to a fully operational status following a devastating cyberattack in March.

In an update posted on Stryker's website Wednesday, company representatives said production is moving toward peak capacity with "discipline and stability," supported by restored commercial, ordering and distribution systems.

The medical device manufacturer, based in Portage, Michigan, was hit by a wiper attack on March 11 from the pro-Palestinian, Iranian government-connected group Handala. The attack damaged the company's order processing, manufacturing and shipping operations, creating what Stryker described at the time as a "severe, global disruption."

"Our work continues around the clock in close partnership with third party cybersecurity experts, relevant government agencies and industry partners as our investigation progresses, reflecting a shared commitment to protecting the healthcare ecosystem and supporting ongoing recovery efforts," Stryker representatives said in a statement.

Patient Care Remains Top Priority

The company emphasized that patient care continues to remain its highest priority throughout the recovery process.

"Patient care remains our highest priority, with a continued focus on supporting healthcare providers and the patients they serve," Stryker stated. "This remains a 24/7 effort and the first priority of our entire organization."

Overall product supply remains healthy with availability across most product lines, according to company representatives. The firm continues to meet customer demand and support ongoing patient care needs despite the recent cybersecurity incident.

Three-Week Recovery Timeline

The cyberattack has been unfolding for approximately three weeks as of this update. On March 11, Stryker announced they were experiencing a severe disruption on their Microsoft environment. However, at the time, there was no indication of ransomware or malware, and officials believed the disruption had been contained.

"Production is moving rapidly toward peak capacity with discipline and stability, supported by restored commercial, ordering and distribution systems," the company wrote in its Wednesday update.

Investigation Continues

Stryker said it continues to work with outside cyber experts, government agencies and industry partners on its investigation and recovery efforts. The company has been conducting a 24/7 effort to protect the healthcare ecosystem and ensure ongoing recovery.

Broader Threat Landscape

The Handala group has claimed responsibility for multiple attacks since the U.S.-Israel strikes began. This week, Handala also claimed to have compromised the data of FBI Director Kash Patel, although the FBI said no government information was taken.

"Handala boasted this week about an attack on St. Joseph County, Indiana, where officials said they were investigating a hack of its external fax service," CyberScoop reported.

The Handala group also claimed to have penetrated the systems of Israel's air defense systems and leaked documents about it. However, Handala has also been accused of overselling its deeds in some instances.

Federal Response

The FBI has seized some websites associated with Handala, and the State Department has offered a reward for information on the hacking group. The cyber threat has become increasingly prominent in the United States as geopolitical tensions have intensified.

Industry Impact

Stryker's attack has made it one of the most prominent victims to date of Iranian hackers. As a global leader in medical technologies, the Portage-based company's operations affect healthcare providers and patients nationwide.

"As a result of a cyberattack, Stryker announced March 11 they were experiencing a 'severe, global disruption' on their Microsoft environment," WWMT reported.

The incident highlights the vulnerability of critical infrastructure to state-sponsored cyber operations and the importance of robust cybersecurity measures for medical device manufacturers.

Looking Ahead

As Stryker's manufacturing network moves toward peak capacity, the company remains committed to supporting healthcare providers and patients throughout the recovery process. The ongoing investigation continues with the help of third-party cybersecurity experts and government agencies.

The incident serves as a stark reminder of the evolving cyber threat landscape and the need for continuous vigilance in protecting critical infrastructure and patient care operations.

Sources

• WWMT: https://wwmt.com/news/arc/stryker-cyberattack-manufacturing-network-fully-operational-hack-malicious-file-production-portage-kalamazoo-county-west-michigan
• CyberScoop: https://cyberscoop.com/medtech-giant-stryker-says-its-back-up-after-iranian-cyberattack/