Stryker hack exposes practices' need for heightened cybersecurity

The cyberattack on medical technology giant Stryker should serve as a wake-up call for dental practices. The Iran-linked hack, which occurred on March 11, wiped more than 200,000 devices and forced the closure of offices in 79 countries.

While Stryker manufactures surgical equipment and orthopedic implants rather than dental-specific products, the attack's implications extend beyond one company. The hackers, known as Handala, claimed to have stolen 50TB of data and shut down critical healthcare systems. Stryker confirmed the attack in a U.S. Securities and Exchange Commission 8-K filing, stating that it led to "global disruption to the company's Microsoft environment." 

For dental practices, the Stryker incident highlights several critical vulnerabilities. The attack targeted Stryker's Microsoft environment, the same cloud-based systems that many dental practices use daily for patient records, scheduling, billing, and communication. The event therefore raises a concern: if a Fortune 500 company with an expansive cybersecurity infrastructure can be crippled, smaller dental practices with limited IT resources could face heightened risks too.

The attack has prompted dental consultants, including DrBicuspid.com contributor Estela Vargas, RDH, to assess the potential impacts on their own websites. She said she has noted "curious" activity on her website from articles she has written for DrBicuspid that have included her email address.

“What got our attention was a combination of suspicious fake lead email submissions tied to older article links and a spike in traffic from Iranian IP ranges, which was unusual given our historical analytics,” Vargas said. “We cannot determine intent or attribution solely from analytics, and it would be irresponsible to claim otherwise. But it is exactly the kind of anomaly that should prompt the dental industry to tighten cyber hygiene, enable multifactor authentication across critical systems, and investigate unusual activity early.”

So what should dental practices do?

First, review and update all passwords, enabling multifactor authentication on every system that supports it. Second, ensure all software and systems are running the latest security updates, particularly Microsoft products. Third, verify that data backup systems are functioning properly and that backups are stored offline or in separate cloud environments that can't be accessed through the primary network.

Practice owners should also review their cyber insurance policies and incident response plans. The Stryker attack is being classified as a "wiper" attack, meaning that the intent of the cyberattack is to destroy data rather than steal it for a ransom. Most importantly, train your team on cybersecurity basics.

With tensions escalating globally, dental practices must treat cybersecurity as a critical operational priority, not an information technology afterthought.
