Iran-linked hackers breached an NHS supplier in retaliation to US strikes on Tehran, pausing the supply of essential medical equipment to UK hospitals.
A hacktivist group linked to Iranian intelligence successfully breached the IT systems of a global medical technology firm supplying the NHS, pausing orders of mouth swabs and defibrillators to UK hospitals.
The incident highlights a growing concern that the NHS is prone to cyber attacks which cause a “catastrophic risk” to patient safety, experts warned. There is no immediate impact on defibrillators already in hospitals but it means that new orders for replacements are currently restricted.
The attack against Stryker, a medical technology company based in Michigan in the US, shut down parts of the firms IT systems and affected its ability to receive and process orders, including those placed through NHS procurement channels.
In a notice to customers, the NHS said four defibrillator products and three oral swabs – used for diagnosing infections and collecting samples – were subject to “control demand management”, which allows NHS bosses full control of the allocation of these products where supplies are severely restricted.
Stryker is a major supplier of surgical equipment and hospital devices used widely across healthcare providers, including the NHS. The company operates in more than 60 countries and employs around 56,000 people globally.
Employees at the firm reported on Wednesday that company devices had been wiped of all information and staff were locked out of company systems across Ireland, the US, Australia and India.
A pro-Iranian-regime hacktivist group named Handala alleged on Telegram that it had carried out a destructive “wiper” attack on Stryker in response to the bombing of a primary school in Minab, Iran, last month which killed 168 people, most of them children.
“We announce to the world that, in retaliation for the brutal attack on the Minab shcool and in response to ongoing cyber assaults against the infrastructure of the Axis of Resistance,” the goup posted. “Our major cyber operation has been executed with complete success.”
Handala claimed it wiped data from more than 200,000 systems and stole around 50 terabytes of internal information, though the full extent of the breach has not been independently verified.
The group is widely suspected of being a state-directed front for Iran’s Ministry of Intelligence and Security (MOIS), according to cyber research group Unit 42, who have been tracking an increased risk of attacks related to the conflict with Iran.
On 6 March, Israel’s National Cyber Directorate warned of Iranian cyberattacks targeting Israeli organisations with wiper attacks, revealing “several cases” in which attackers “gained access to corporate networks and deleted servers and workstations”
It comes amid increased fears among security officials that Tehran is recruiting criminals and proxies to retaliate against the West after the US and Israel launched a military operation against Iran.
The i Paper previously revealed that British intelligence agencies were on high alert for proxy attacks, while Telegram channels linked to the Iran regime are actively seeking to recruit Europeans online.
In a filing with the US Security and Exchange Commission (SEC), Stryker confirmed the cyberattack disrupted access to parts of its network and internal systems, affecting operations such as manufacturing, order processing and shipping.
“The incident has caused, and is expected to continue to cause, disruptions and limitations of access to certain of the Company’s information systems and business applications supporting aspects of the Company’s operations and corporate functions,” the firm stated. “While the Company is working diligently to restore affected functions and systems access, the timeline for a full restoration is not yet known.”
The attack highlights how geopolitical conflicts are increasingly spilling into cyberspace and areas of civil society away from frontlines.
Dr Saif Abed of The AbedGraham Group, a former NHS doctor and renowned healthcare cyber security expert, told The i Paper: “The supply chain is the NHS’s Achilles heel and is a source of catastrophic risk from both patient safety and national security perspectives.
“The Government needs to order an urgent review into NHS cybersecurity and patient safety with the goal of enhancing supply chain accountability and cyber-resiliency.”
Healthcare suppliers are effective targets for adversaries because attacks on their IT systems can quickly impact the daily functioning of hospitals. For NHS organisations, the incident adds to growing concern about cyber resilience across healthcare supply chains, following a cyber attack in June 2024 which targeted an NHS blood testing database.
Russian-backed cyber attackers hacked IT systems run by pathology service company Synnovis, leading to the cancellation of more than 1,000 operations and 2,000 appointments.
The NHS has set up an incident team to manage the disruption stemming from the latest attack, and is collaborating with the Department for Health and Social Care and Stryker to investigate the impact.
NHS England were approached for comment.
Hence then, the article about heart attack patients at risk as defibrillator supplies targeted in nhs hack was published today ( ) and is available on inews ( Middle East ) The editorial team at PressBee has edited and verified it, and it may have been modified, fully republished, or quoted. You can read and follow the updates of this news or article from its original source.
Read More Details
Finally We wish PressBee provided you with enough information of ( Heart attack patients at risk as defibrillator supplies targeted in NHS hack )
Also on site :