B&R Computers - IT Services & Cybersecurity in Lehigh Valley

Managed IT Services in Allentown, Reading & Berks County

B&R Computers provides 24/7 system monitoring, expert IT support, patch management, server and workstation management, network optimization, backup and disaster recovery, and help desk support for businesses in Allentown, Reading, Wyomissing, Kutztown, and throughout Lehigh Valley and Berks County, Pennsylvania. Our managed IT services follow industry best practices recommended by NIST Cybersecurity Framework.

Cybersecurity Solutions for Lehigh Valley Businesses

Protect your business with 24/7 security and threat monitoring, advanced endpoint protection, security incident response, vulnerability assessments, and compliance management including HIPAA, FTC Safeguards Rule, and CMMC from B&R Computers. We also provide security awareness training to help your team recognize and prevent cyber threats, following guidelines from CISA.

AI Consulting & Workflow Automation

Transform your business with AI strategy and planning, workflow automation, and AI adoption training. B&R Computers helps businesses in Berks County and Lehigh Valley leverage artificial intelligence to increase efficiency and reduce costs.

About B&R Computers

B&R Computers has over 20 years of experience providing IT services and cybersecurity solutions to businesses in the Lehigh Valley and Berks County. We are locally owned and operated in Kutztown, PA. Connect with us on Facebook and LinkedIn. We follow cybersecurity best practices recommended by the U.S. Small Business Administration (SBA).

Why Choose B&R Computers

B&R Computers is your trusted partner for managed IT support, regulatory compliance, and business automation. We serve businesses of all sizes across the Lehigh Valley and Berks County with tailored technology solutions. View our sitemap for a complete overview of our services.

Contact B&R Computers

Call (484) 641-8083 or email [email protected]. Visit us at 7 S. Kemp Rd., Kutztown, PA 19530. Contact us today for a free consultation. Serving Allentown, Reading, Wyomissing, Kutztown, and all of Berks County and Lehigh Valley, Pennsylvania. Book a strategy call online.

B&R Computers
Back to Blog
March 20, 2026Cybersecurity

Wiped Out: What the Stryker Attack Teaches Us About Securing Management Tools

Wiped Out: What the Stryker Attack Teaches Us About Securing Management Tools

If you woke up yesterday and checked the news, you probably saw the headlines about Stryker Corporation. For those who aren’t familiar, Stryker is a massive medical technology firm. But over the last 24 hours, they’ve become the latest poster child for a terrifying new trend in cyber warfare.

On March 17 and 18, 2026, a threat group known as "Handala" managed to compromise Stryker’s centralized management system. They didn't just steal data, and they didn't just encrypt files for a ransom. They issued a "wipe" command to tens of thousands of employee devices, laptops, desktops, and even personal cell phones used for work.

Imagine opening your laptop on a Wednesday morning only to see a "System Reset" screen, knowing that every document, every local photo, and every configuration on that machine is gone. For Stryker employees, that nightmare became a reality.

At B&R Computers, we talk a lot about cybersecurity, but the Stryker attack is a wake-up call that goes beyond traditional malware. It’s a lesson in how the very tools we use to manage and protect our businesses can be turned against us if we aren't careful.

The Shift from Ransomware to "Scorched Earth"

For years, the biggest fear for small business owners was ransomware. The idea was simple (if devastating): hackers lock your files and demand money to give them back. There was at least a transaction involved, a way out, however painful.

What we saw with the Stryker attack is different. This was a "wiper" attack. The goal wasn’t profit; it was pure destruction. The Handala group didn't want a payout; they wanted to cause maximum operational downtime and data loss.

When an attacker moves from "give me money" to "I want to destroy your business," the stakes change. You can't negotiate with a delete key. This makes your IT services and how they are configured more important than ever.

Digital illustration showing the destructive power of a remote wipe command on business laptops and mobile devices. Visual: A conceptual image showing a hand hovering over a 'delete' key with a background of fading digital devices. Clean, modern, and serious style.

The "God Mode" Problem: Centralized Management Tools

The attackers didn't have to hack ten thousand individual laptops. They only had to hack one thing: Microsoft Intune.

Intune is a fantastic tool, we use similar technologies to help our clients manage their fleets of devices. It allows an administrator to push updates, install software, and, yes, remotely wipe a device if it gets lost or stolen. It’s essentially "God Mode" for your company’s hardware.

The problem? If an attacker gains "Global Administrator" privileges to your management console, they inherit that God Mode.

In Stryker’s case, the attackers gained high-level access and simply told the system to perform its job: wipe the devices. The system did exactly what it was designed to do, except the command came from a criminal instead of an authorized IT manager.

Why This Matters for Small Businesses

You might think, "I'm not a multi-billion dollar medical company, why does this affect me?"

The reality is that most small businesses today are using the same tools. If you use Microsoft 365, you likely have access to Intune. If you use a different Remote Monitoring and Management (RMM) tool, the risk is identical.

As we move more toward remote work and "Bring Your Own Device" (BYOD) cultures, these centralized tools are necessary. We need them to keep your business running smoothly. But if they aren't locked down with the highest level of security, they are a single point of failure that could delete your entire business in a single click.

Lessons We Must Learn from Stryker

1. The End of "Standing" Global Admin Rights

In the old days, an IT person might have an account that was a "Global Admin" 24/7. That is now a massive liability. At B&R Computers, we advocate for Privileged Identity Management (PIM).

With PIM, nobody has admin rights by default. If a technician needs to perform an administrative task, they have to "request" that elevation, prove who they are with Multi-Factor Authentication (MFA), and the rights only last for an hour or two. If an attacker steals those credentials at midnight, they can't do anything because the "admin" switch is turned off.

2. MFA is the Bare Minimum (and it’s not enough)

We’ve been preaching MFA for years. But the Stryker attack shows us that even MFA can be bypassed if the attacker uses sophisticated "session hijacking" or "MFA fatigue" attacks.

You need Conditional Access. This means your management tools shouldn't just ask for a password and a code; they should also check:

  • Is this login coming from a known office IP address?
  • Is the device being used to log in a "compliant" company-managed laptop?
  • Is the login coming from a country where we actually do business?

If the answer to any of these is "no," the system should block the login entirely, regardless of whether the password is correct.

Isometric design showing layered security rings like MFA and conditional access blocking a cyber threat. Visual: A digital shield with multiple layers of protection (MFA, IP filtering, Device Compliance) blocking a shadowy figure.

3. Selective Wipe vs. Full Wipe

One of the most heartbreaking parts of the Stryker breach was that personal devices were wiped. Employees lost years of family photos and personal data because their phones were connected to the company’s management system.

For small businesses, we recommend "Selective Wipe" or "Containerization." This allows the business to wipe only the business emails and apps without touching the employee's personal files. It’s safer for the employee and reduces the legal liability for the employer.

4. Detection is Just as Important as Prevention

If your management system suddenly tries to wipe 100 devices at 2:00 AM, someone should know about it. Most businesses have their tools set to "auto-pilot."

You need active monitoring that flags "anomalous behavior." A sudden spike in administrative actions or a mass-deletion command should trigger an immediate "kill switch" that freezes the administrative account until a human can verify what’s happening.

How to Protect Your Business Today

This attack is a reminder that "set it and forget it" IT is dead. You need a partner who understands the nuances of these cloud-based management tools.

The Stryker attack wasn't a failure of the software; it was a failure of the security layers surrounding the software. Centralized management is a double-edged sword: it makes IT efficient, but it also makes it a target.

Don't Wait for the "Wipe"

At B&R Computers, we specialize in helping small businesses navigate these complex cybersecurity challenges. We don't just set up your tools; we lock them down so they can't be used as a weapon against you.

Are you confident that your management tools are secured against a "scorched earth" attack? Let’s find out before a group like Handala decides to take a look.

Ready to secure your business?

The Stryker attack is a tragedy for the employees and the company involved, but for the rest of us, it’s a lesson we can’t afford to ignore. Let’s make sure your business isn't the next one to be "wiped out."

Tags:BreachIntuneManaged IT
All Posts

Need Help with Your IT?

Our team of experts is ready to help secure and optimize your business technology.