A cyberattack on Stryker has disrupted parts of its supply chain, delaying surgical procedures for some health systems, according to a March 18 report from Bloomberg.
The medical devicemaker said disruptions to ordering, manufacturing and shipping have limited its ability to deliver patient-specific products, forcing some procedures to be rescheduled.
“The system disruption has temporarily impacted the ability to deliver personalized inventory,” a Stryker spokesperson told Bloomberg. “As a result, some patient-specific cases have been rescheduled.”
While Stryker said its products remain safe to use and the incident has been contained, systems are still being restored. The disruption has already affected some providers: Chicago-based CommonSpirit Health said a small number of surgical cases were rescheduled due to the incident, according to Bloomberg.
Health systems, including Somerville, Mass.-based Mass General Brigham and Renton, Wash.-based Providence, said they are monitoring the situation and in some cases restricted connectivity to Stryker systems as a precaution.
The cyberattack, first disclosed March 11, affected Stryker’s internal Microsoft environment and caused a global network disruption. The company said there is no indication of ransomware or malware.
Reports have linked the attack to an Iran-affiliated hacking group, though Stryker has not confirmed attribution.
Cybersecurity experts said the incident underscores growing risks tied to third-party vendors and the importance of contingency planning across healthcare systems.
The U.S. Cybersecurity and Infrastructure Security Agency is urging organizations to take steps to defend against cyberattacks similar to Stryker’s.
The agency said March 18 that it is aware of “malicious cyber activity targeting endpoint management systems,” such as Stryker’s March 11 hack.
The agency also advised that organizations implement Microsoft’s March 14 best practices for securing its Intune platforms: adopt “principles of least privilege” for administrative roles, enforce multifactor authentication and “privileged access” policies to prevent phishing, and require multi-admin approval in Intune.
The American Hospital Association has warned of similar hacking attempts amid the U.S.-Iran war.
Becker’s has reached out to Stryker for comment and will update the story if more information becomes available.
The post Stryker cyberattack delays surgeries; feds urge tighter cybersecurity appeared first on Becker's Hospital Review | Healthcare News & Analysis.
Source: Read Original Article
