On March 11, 2026, the Iran-linked group Handala executed a cyberattack on Stryker Corporation, a medical device manufacturer located in Portage, Michigan. This attack disrupted Stryker's internal Microsoft software systems, affecting order processing and manufacturing operations. The incident underscores the vulnerabilities of US critical infrastructure, which extends beyond major targets like power plants to include essential suppliers and service providers. As geopolitical tensions rise, cyber operations have become a common tool for state-linked groups to project power and disrupt operations. The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about Iranian hackers accessing US critical infrastructure, emphasizing that such threats require a whole-of-society response. The Stryker case illustrates how regional conflicts can have far-reaching impacts on organizations far removed from the battlefield. U.S. agencies are working to enhance cybersecurity measures, particularly during periods of heightened geopolitical risk, but challenges remain due to the private ownership of critical infrastructure and uneven resources across sectors. As cyber conflicts evolve, the focus often shifts from immediate disruption to establishing persistent access for future operations.