What’s known about wiper attack on Stryker, a major supplier of lifesaving devices

Company says it doesn't know how long it will take to restore its Microsoft environment.

See full article...

 

[A_Very_Tired_Geek]

Even if a company has fully realized, useful backups and remote provisioning in place, it still takes time to carry out a full investigation of the security failure, make sure the backup data are clean of compromise based on the preliminary investigation findings, reprovision, and then make sure the holes are closed before allowing outside network contact. It can take weeks just to reprovision if you have a device fleet in the 10s of thousands of devices, let alone figure out what happened and form a strategy to prevent it from immediately happening again soon as the outside connection is reopened. No one recovers over night, and if they do, then that in itself is suspicious.

 

[A_Very_Tired_Geek]

I heard on the rumor mill that the hackers took over Styker's MDM system and used it to wipe all of the devices on the company's network. This includes employees who installed Microsoft Intune on their personal phones.

And that's why you should never "bring your own device" to work. Make the company pay for a work phone or pager if they want to reach you outside of business hours.

That's not even the primary reason not to BYOD. The primary reason is because if you mix company and personal data and you're part of a division in the company part of legal procedings you're going to lose your device for as long as discovery + any other legal procedures take to finish. Then all your personal data is now in the hands of a 3rd party... even stuff that may not have normally been hoovered otherwise is now outside of your control.

What happened with Stryker is just punctuation rather than content.