Iran-Linked ‘Handala’ Hack Wipes Stryker’s Networks After US-Israel Strikes

Handala’s wipe-and-leak tactic echoes Iran-linked Shamoon’s 2012 destruction of 35,000 Saudi Aramco computers and Russia’s 2017 NotPetya attack that cost Maersk ≈$300 m—both politically motivated, high-impact strikes on commercial targets. This episode illustrates a decade-long shift: states now use deniable proxy hackers to impose real-world costs on adversaries’ civilian infrastructure, blurring wartime and peacetime boundaries. Healthcare was largely spared in earlier conflicts, but since WannaCry crippled NHS hospitals in 2017, medical supply chains have become fair game; Handala’s targeting of a firm that reaches 150 m patients signals that even life-critical sectors are no longer off-limits. Over a 100-year horizon, the incident may mark another ratchet in the normalization of cyber-retaliation as a proportional response to kinetic strikes—much as aerial bombardment of factories became ‘acceptable’ after World War II—raising the prospect that future great-power confrontations will routinely seek to paralyze civilian tech ecosystems rather than solely military assets.