Monday 30 March 2026Afternoon Edition

ZOTPAPER

News without the noise

Cybersecurity

Pro-Iran Hackers Wipe Thousands of Stryker Employee Devices in First Major Retaliatory Cyberattack

The medical technology giant says it is restoring systems after what is believed to be the first significant US cyberattack linked to the Iran war

Zotpaper2 min read
Medical technology company Stryker has confirmed it is working to restore systems after pro-Iranian hackers wiped thousands of employee devices in what is believed to be the first major cyberattack against a US company in direct response to the Trump administration's military campaign in Iran.

The attack has caused widespread disruption to Stryker's operations, affecting the company's ability to conduct normal business across multiple divisions. Stryker, which manufactures surgical equipment, orthopaedic implants, and medical devices used in hospitals worldwide, said it detected the intrusion and is working with cybersecurity firms to restore affected systems.

The hack represents a significant escalation in the cyber dimension of the Iran conflict. While US officials have long warned that Iran possesses sophisticated cyber capabilities, this marks the first time those capabilities — or those of pro-Iranian proxy groups — have been deployed against a major American corporation in apparent retaliation for the ongoing military operations.

Stryker's medical technology products are used in hospitals and surgical centres across the United States and globally. The company reported revenues of over $20 billion in its most recent fiscal year, making it one of the largest medical device manufacturers in the world.

The wiping of thousands of devices suggests the attackers achieved deep access to Stryker's internal network before executing a destructive payload, a tactic consistent with Iranian-linked threat actors who have previously favoured wiper malware over ransomware.

Analysis

Why This Matters

This attack signals that the Iran war is no longer confined to the physical battlefield. The targeting of a major US medical technology company — rather than a military contractor — suggests pro-Iranian hackers are willing to strike civilian infrastructure, raising the stakes for corporate America.

Background

Iran has a well-documented history of destructive cyberattacks, from the 2012 Shamoon wiper that hit Saudi Aramco to more recent operations against Israeli targets. The current war has created new motivation for these groups to target American companies directly.

Key Perspectives

Cybersecurity experts have warned for weeks that retaliatory cyberattacks were inevitable given the scale of US military operations in Iran. The choice of a healthcare-adjacent target may be designed to maximise public alarm without crossing into critical infrastructure that might trigger a more severe US response.

What to Watch

Whether this is an isolated incident or the beginning of a broader campaign against US corporations. Other medical device and healthcare companies should be on heightened alert.

Sources