If a wiper actually hit internal systems, the bigger concern isn’t consumer data but disruption to manufacturing, logistics, and hospital support. That kind of outage could ripple through a lot of hospitals pretty quickly.
If Stryker stays down, supplies of some things will run out soon and many people will find themselves without medical procedures available.
IT systems around the country say that they have no access to your personal data and there they can only block access to Intune apps.
But the linked reddit thread[1] in this article notes personal devices getting wiped and locked out.
[1]: https://www.reddit.com/r/cybersecurity/comments/1rqopq0/stry...
iOS at least displays a very clear warning when you import the profile telling you exactly what it can do.
Not that this isn't awful, but it's good to be clear on what this can do when used within normal expectations.
Beyond that there are so many other things in intune you can use to prevent this sort of thing. Short lived / JIT credentials with MFA, ip restrictions, multi admin approval, rbac (role based fine tuned permissions eg help desk can't wipe, only retire ) etc. sounds like there were some big misses here.
Also sounds like they were in the system long enough to exfiltrate 50+ TB of data without setting off alarm bells.
So the options here are MDM or no MDM and that’s a hard choice. No MDM means that you have to trust all people to get things as basic as FDE or a sane password policy right. No option to wipe or lock lost devices. No option to unlock devices where people forgot their password. Using an MDM means having a privileged attack vector into all machines.
And to be clear, SCCM and Intune is a gun.
MS will not stop you from blowing your foot off with the gun.
Remember https://www.itprotoday.com/windows-7/aggressive-configmgr-ba... ?
>During TechEd 2014, Emory University's IT department prepared and deployed Windows 7 upgrades to the campuses computers. If you've worked with ConfigMgr at all, you know that there are checks-and-balances that can be employed to ensure that only specifically targeted systems will receive an OS upgrade. In Emory University's case, the check-and-balance method failed and instead of delivering the upgrade to applicable computers, delivered Windows 7 to ALL computers including laptops, desktops, and even servers.
Also elicit.
What you mean is the device enrollment on non-supervised devices, however and to my knowledge, enterprises do not use this, or if they do, it is very rare. (edit: And if they do, it's apparently a grave mistake.)
Anyway, the bombings will have to continue till we rubble our enemies.
An important book to read.
So many people think this started with the islamic revolution of the 70s. The meddling goes further in time.
Does anyone know if this is correct?
edit: 0 - on iOS this means enrolled via User Enrollment
Iran warns U.S. tech firms could become targets as war expands
https://www.10news.com/news/local-news/authorities-warn-of-p...
Fox News drone expert:
https://nypost.com/2026/03/11/us-news/iran-could-use-drones-...
It's not in the strategic interest of Iran to do that, and they have been very strategic and rational. It's the Americans who have abandoned rationality. The Iranian goal is very clear: they don't want to sign an agreement and be attacked again in three months or one year.
In order to get that, they want a new security framework in its part of the world. They want Israel to suffer so its population think two times before doing this again. And they want to create enough economic pain to punish the current USA administration, again to teach a lesson.
Go beyond CNN or Fox News, listen to what the Iranians are saying (1).
surely a New York Post article quoting a Fox News "expert" will be factual, unbiased and not at all an attempt to pour more oil into the fire and manufacture consent to bomb a couple more girl's schools.
I don't even think they'd launch drones to DC either, they seem to be all in on attacking oil infrastructure as well as us bases & defense systems in the Middle East, rather than America.
BBC: Mystery New Jersey drones not from Iranian 'mothership' - Pentagon
https://www.bbc.com/news/articles/crrwz91wqd9o
It's certainly a theory / narrative that keeps appearing in the media.
That does not make any sense to me. Does Iran have a bunch of ships in the Pacific? Why? How would they even got close enough to the US coast without being noticed at this point?
I'm not saying it's not true, I just don't understand.
Wipe all data kind of seems like the best kind of cyberattack if you have backups. No data falling into wrong hands, no left behind rootkits, no ransome threats etc
You won't necessarily be able to know that the data hasn't already been exfiltrated and that the backups aren't post-compromise. Or that by restoring the backup you won't get back to the state that allowed them to get in in the first place.
Are you referring to a paradigm where people make their systems less secure in the effort to make them more secure?
Iran is a state sponsor of Islamic terrorist groups worldwide and have contributed to thousands of deaths, including children. None of it is justified but let's not pretend it's one sided.
You can't trust people who paint Reza Pahlavi as a paragon of human rights and democracy. And neither you can trust every iranian refugee as a lot of those were corrupt members of the ruling government or worse, Savak members.
I belive that US tech firms have increasingly become valid military targets. There was a post about this yesterday [1]. BUT I don't think that extends to hospitals and medical supplies, regardless of who owns them or if they treat soldiers or not.
But, as best as I can tell, the company has been inconvenienced, possibly massively. Let's put this in context. The US launched a Tomahawk missile at a school and killed 160 school girls.
And I bet that if you look into pretty much any company hit by a hack, you'll find cost-cutting on IT to increase executive pay and bonuses.
Between the Iran-Iraq war, which the US was responsible for, and decades of sanctions, the US has by this point killed millions of Iranians. The real problem here is the general ignorance of the average American of America's 70+ years of war crimes against Iran [2].
I mean this as analysis, not justification. But at some point the incredulity at blowback rings hollow.
But given the growth in destructive power, particularly with the advent of the nuclear age, it became necessary to establish some rules or norms for war and I'm referring specifically to the Geneva Conventions [1]. Conventions here cover that wounded people and civilians aren't military targets. So it's not my opinion or Iran's opinion that matters.
The question then is do we live in an interntional rules-based order or not? The US and Israel have ignored the rules-based order in favor of "might is right" politics.
As for tech firms, I'm sorry but a company like Palantir has made itself a valid military target [2][3]. And if you work there, you are really no different from the Reaper Drone pilot who fires Hellfire missiles at, say, a wedding procession [4].
[1]: https://en.wikipedia.org/wiki/Geneva_Conventions
[2]: https://www.972mag.com/lavender-ai-israeli-army-gaza/
[3]: https://www.business-humanrights.org/en/latest-news/palantir...
Not just US tech firms. So-called dual-use has been embedded into all kinds of what was previously exclusively civilian infrastructure including telecoms networks and data centres.
Of course dual-use has always been a thing up to a point, but there has been a shift in recent years to bring it right to the heart of military doctrine.
For example the UK's Strategic Defence Review 2025 and the new Defence Industrial Strategy:
"A new £11bn ‘Invest’ annual budget has also been established under the NAD. This will fund kit for our front-line forces which is affordable and grows our UK industrial base. Our new partnership with industry and a decade of consistently rising defence spending will encourage more private finance to grow our world-leading scale-up and dual-use tech companies."
"Today, much of the best innovation is found in the private sector, while the increasing prevalence of dual-use technologies has widened the net of potential suppliers that can contribute to Defence outcomes."
The way things are going it won't just be tech firms that will be considered 'legitimate targets'.
Manufacture consent for what? Starting a war with Iran? The US already did that, and didn't need any sort of consent.
If anything, this sort of story is more likely to manufacture opposition to the war, because folks already think the war is stupid, pointless, and never should have happened, and now they're suffering more for it.
Are you suggesting that's an inside job and/or false flag attack? If it's not a false flag attack, why imply that the reporting must be to "manufacture consent"? Shouldn't you expect major hacks to be reported?
I'm saying that the media suddenly covering stories like this isn't a coincidence. The media is a tool of the state to manufacture consent. Media literacy goes beyond just looking at the facts in a story. It's also what's not mentioned, how is it presented, what stories are written, what stories aren't and, most importantly, why.
All social media companies manufacture consent for American foreign policy. Pretty much all American media does the same.
I find all this particularly funny because our media does the exact thing we accuse the likes of Chinese media doing it. We just pretend it doesn't happen here or are oblivious to it.
What I find bizarre, is that China and Russia do this daily, and "oh well". If such states sent over people to, you know, do damage using a bomb instead of a hack, there'd be trouble. As in, two towers were damaged, and it set off 20 years of war ... mostly against the wrong states.
Yet if you cause death via subtle means, such as reducing hospital infra, or attack and destroy infra via hacking, meh. Oh well!
This sort of falls inline with all other compute issues that appear before all elected bodies on the planet. An immense lack of understanding and comprehension, coupled with an inability to act.
It's like how every country knows embassies are full of spies but they let them operate as diplomats anyway because they do the same thing.
Or in Iran’s case, they don’t.
There seem to be actual people getting killed, in an actual war (by another name, but we all know it's a war, with missiles and airplanes and bombs).
What ramifications you think is going to happen? They already have their country being bombed.
Russia have been running assassinations and sabotage programme using poison, bombs, small arms and radioactive material in the West for years with no real repercussions.
Like children, at school
https://www.npr.org/2026/03/11/nx-s1-5744981/pentagon-iran-m...
If you can find evidence the United States directly targeted a school with the intent of killing children and not just due to outdated intel (and somebody setting up a school in what was once part of an Iranian Revolutionary Guard naval base), maybe I'd change my mind.
Edit: this is one of those case where I would really love to see the face of the one who downvoted this comment.
It would take some unpleasant searching but I'm sure one can find the most recent incident of Hezbollah (not Hamas, Hezbollah are explicitly backed by Iran) either carrying out a missile or suicide bombing attach with the loss of Israeli civilian lives.
(disclaimer: the war of aggression against Iran by Israel and its decapitation attacks are also wrong)
It seems a really weird target for Iran otherwise.
Makes sense given that US citizens tend not to be too supportive of american wars, but tolerate them because it doesnt really affect them. So iran can get this to affect them then people might come out to the streets. Which would be especially effective in a midterms year like now.
Man itll be ironic as fuck if iran manages to enact regime change in the us before the us does in iran
Unlike Ukraine, it does not, so it seems to be focusing on cyber vandalism and blowing up oil infrastructure in US vassal states, and other low-cost, high-ROI activities.
Their goal is to make it too troublesome for the US/Israel to continue attacking them, like a swarm of bees attacking a bear to keep it away from their honey.
Iran is in it to win it and the US is so very obviously not.
The question is if the pressure that Israel can put on the current administration greater than the pressure that Iran can put on America as a whole.
Time will tell.
I guess they have some sensitive data on our emergency services organizations and their headquarters addresses and accounts payable people, maybe PII on signatories (officers, board members & “important people”) and whatnot.
Anyone know if it would be worse?
they have a tremendous catalog[0].
spend time in a hospital, dental office, rehab, etc and you'll see the logo plastered across everything.
[0]: https://www.stryker.com/us/en/portfolios/medical-surgical-eq...
Iran specifically takes care to underline that it is not "an enemy of the american people".
