Stryker cyber attack ‘fully contained’ as Cork staff return to repair computers

Stryker CEO Kevin Lobo said the cyber attack has now been “fully contained” and that the company is “in the restoration phase.”

“We believe that this attack did not involve ransomware or malware, meaning there is no risk of system contamination," Mr Lobo said in a statement.

“Our employees and our sites are safe. Our products and our customers are also safe. Our teams are working closely with customers, government partners, and third-party experts to maintain business continuity.”

Mr Lobo said the impact of the cyber attack was limited to the company’s internal Microsoft environment.

“There will be additional steps in the coming days as we complete the recovery process, but I am confident that we will emerge from this stronger," he said.

“Moments like this test organisations, but they also reveal their strength. I’m incredibly proud of how our Stryker teams have come together, supporting one another and our customers, while staying focused on safety, quality, and our mission to make healthcare better.

“The work we do supports a global healthcare system that patient’s and clinicians rely on every day.”

Mr Lobo also thanked staff for their resilience during the cyber attack.

“While we never want situations like this to occur, we plan for these moments. Our mitigation protocols were quickly activated to protect our employees, our sites, and most importantly, our customers and the patients they serve,” he said.

An Iranian-linked hacktivist network known as Handala has claimed responsibility for the attack.

The group said the attack on Stryker was retaliation for the “brutal attack on the Minab school” in Iran, which it said killed more than 175 civilians, many of them children. The United States has been blamed for the bombing.

The attack on Stryker was a “wiper” attack, designed to destroy IT systems and their data. Such attacks are typically politically, rather than financially, motivated.

Help desks have been set up at all Stryker facilities to help staff regain access to their computers. Employees brought their computers back on site this morning to be repaired.

“Laptops are slowly being fixed,” one worker said.

Despite the IT breach, payroll has not been affected and staff are expected to be paid on time, the Irish Examiner understands.

Stryker employs about 5,000 people in Ireland and more than 56,000 worldwide. The company’s Dublin server remained down on Thursday evening, preventing production from restarting.

However, with a skeleton staff on site on Friday, the company said it could quickly ramp up operations once functioning servers were restored.

Employees whose laptops showed only a blue screen — an indication the device had been hacked — were told not to engage with any IT systems.

However, staff with functioning laptops were told on Thursday that they could log on. Production machines were being prioritised for repair.

Employees with mobile devices were told they could get back online on Thursday using the Outlook and Teams apps.