
Jerry Raphael, Hypori: In Wake of Stryker Attack, Mobile Device Security Needs a Major Rethink


The recent incident involving Stryker highlights a critical shift in mobile security risk, where legitimate tools like remote wipe can be turned against organizations. We sat down with Hypori CFO Jerry Raphael to learn why the breach exposes deeper architectural flaws rather than just gaps in controls.

The recent Stryker attack demonstrates the continuing challenges with mobile device security and remote wipe risk. Can you put those risks into greater context?


Sure. I fly into Austin all the time because our office is there. My routine never really changes. Early flight, Uber to the hotel, drop my bag, head straight to the office and try to cram in as many meetings as I can. My entire day runs off my phone. Boarding pass, hotel confirmation, ride app, calendar, contacts. Everything. Nobody prints anything anymore. I wouldn’t even know what to print if I had to.


So imagine I land, reach into my pocket, and the screen says “Hello.” White background, cursive text. The screen you see when you take a brand new iPhone out of the box. Except it’s not a new phone. It’s mine. Everything on it is gone. No hotel confirmation. No Uber. No way to call anyone because I haven’t memorized a phone number in over a decade. My eSIM is wiped so I don’t even have service. Even if I get on airport Wi-Fi, I can’t log into anything because my password manager and authenticator app were both on the phone that just got reset.


You’re standing in the airport holding a thousand-dollar paperweight with a full day ahead of you and no way to do anything about it. 


Luckily, that didn’t happen to me. It did happen to employees at Stryker.


Why did the Stryker incident stand out from other cyber incidents?


When I first saw the headlines, I assumed it was the usual thing. Ransomware, phishing, someone clicked something they shouldn’t have. The kind of story you think you understand after five seconds. The more I read, the less it looked like that.


There was no malware. No encryption. No ransom note. From what has been reported, someone got access to an admin credential, logged into Microsoft Intune, and issued a remote wipe. Devices started going blank. Laptops, workstations, personal phones on BYOD plans. All getting factory reset across dozens of countries in a matter of hours.

Nothing crashed. Nothing broke. The system worked exactly the way it was designed to. Just not for the right person. That’s the part I keep coming back to.


If you look at Stryker on paper, this isn’t some company ignoring security. They’ve got the oversight, the committees, the training, the third-party assessments. All the stuff you’re supposed to have. The right people asking the right questions. It still didn’t matter. Nobody bypassed the system. Nobody exploited some obscure bug. They logged in and used it.


How are organizations responding to the incident?


The response since then has been pretty predictable. Tighter admin controls. Better MFA. More approvals before someone can hit the wipe button. All good ideas. If you’re running one of these environments, you should probably already be doing that.

But it doesn’t really change what this is. You still have a system where a centralized console can issue destructive commands across every device in the company. You’ve just made it harder to get to.


And this isn’t just Stryker. You’ve seen versions of this before. Different company, different headline, same basic story. The management layer turns into the thing that gets used against you. Once someone’s in, they don’t need to get creative. The platform already gives them everything.


At some point you stop looking at the controls and start looking at the design. Not whether wipe is useful. Of course it is. People lose phones. People leave companies. There are real reasons that feature exists. The question is why it works the way it does. Why one compromised pathway can turn into that kind of impact that fast, across that many devices.


What is the broader architectural issue with today’s mobile security model?


We’ve been here before, just on a different screen. Years ago, the problem was laptops. Sensitive data sitting on endpoints, one lost device away from exposure. For a while, the answer was more controls. Encryption, policies, all of it. Eventually, that stopped being enough. So the model changed. The data moved off the device. The laptop turned into a window into something that lived somewhere else. You could lose it, break it, have it stolen, and it didn’t take your data with it. That was an architectural shift.


Somehow that thinking never really made it over to mobile.


What we’ve ended up doing instead is basically rebuilding the same model on phones. The data sits on the device. There’s a central console controlling it. And if something goes wrong, there’s a button that fixes it by wiping everything. Which sounds fine until you stop and think about what that actually means.


Because now “fixing it” doesn’t just mean removing company data. It means wiping someone’s entire digital life. Photos, banking apps, authentication, everything they rely on day to day, just gone. At that point, this isn’t really about whether your controls hold up. Controls don’t hold up forever. They never have. It’s about what happens the day they don’t.


What’s the key learning for enterprises?


For enterprises, the lesson is not that remote wipe should never exist. The lesson is that mobile security cannot keep depending on destructive endpoint control as the last line of defense. The industry already learned this lesson with laptops and sensitive data. It is time to apply that same architectural thinking to mobile, especially as more organizations rely on personal devices for business access. The safest model is one where the employee’s personal device does not become the place where corporate risk and personal disruption collide.
