News You can USE!




BLUF (Bottom Line Up Front)

Geopolitical cyber conflict has escalated into a destructive, targeted attack on the US medical technology supply chain, representing the most significant wartime cyber incident against the American commercial sector to date. Simultaneously, maritime threats persist in key choke points, with commercial vessels continuing to be hit by unidentified projectiles in the Arabian Gulf and Black Sea.


💻 Geopolitical Cyber / Critical Infrastructure

Incident: Destructive Attack on US Medical Technology Supply Chain

  • Date: March 11–12, 2026
  • Location: Global Operations (Headquartered in Michigan, US)
  • Key Actors: Handala (a.k.a. Void Manticore, Storm-842), a pro-Palestinian, Iran-aligned hacktivist group

A major cyberattack disrupted global network infrastructure at the US medical device company Stryker. The breach involved the compromise of administrator-level credentials for the Microsoft Intune management console, which the threat actor used to wipe or disable over 200,000 systems across 79 countries. The attack is assessed to be direct retaliation for geopolitical kinetic actions. The sustained disruption affects internal systems and electronic ordering, and potentially the supply chains for surgical tools and implants.

Geolocation Context: The incident demonstrates the spillover of Middle Eastern geopolitical conflict directly onto US civilian critical industry, raising alarms across the healthcare sector globally.

Tactical Recommendations:

  1. Intune/MDM Auditing: Immediately audit all privileged roles within Enterprise Mobility Management (EMM) solutions (e.g., Microsoft Intune) and review their audit logs for unauthorized or bulk use of remote wipe and retire functions.
  2. Credential Hardening: Implement mandatory hardware-backed, phishing-resistant Multi-Factor Authentication (MFA) for all administrator accounts that manage critical network infrastructure or hold device-wiping capabilities.
  3. Supply Chain Resilience: Review continuity plans for reliance on medical device suppliers and assess inventory buffer status for high-risk equipment reliant on Stryker or similar major providers.
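The audit step in recommendation 1 can be turned into a repeatable check against an export of the Intune audit log. The following is an added example, not code from the original brief, from Stryker or from Microsoft. Event fields are assumed to follow the Microsoft Graph `auditEvent` resource returned by `GET /deviceManagement/auditEvents`; the sample events, the actor names, the approved-actor list, the keyword match for destructive actions and the bulk-wipe threshold are all constructed assumptions for illustration. It flags any wipe/retire issued by an identity outside an allow-list, and any identity that issues a burst of destructive actions inside a short window, which is the pattern of a mass-wipe event.

```python
"""Detect unauthorized or bulk remote-wipe actions in Intune audit events.

Added example, not code from the original brief, from Stryker or from
Microsoft. Event fields follow the Microsoft Graph `auditEvent` resource
(GET /deviceManagement/auditEvents); the sample events, actor names, the
approved-actor list and the thresholds below are constructed assumptions.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export of /deviceManagement/auditEvents (fields trimmed).
SAMPLE_EVENTS = json.dumps([
    {"activityDateTime": "2026-03-11T22:00:00Z", "activityType": "Wipe ManagedDevice",
     "actor": {"userPrincipalName": "mdm-admin@corp.example"},
     "resources": [{"displayName": "LAPTOP-0001"}]},
    {"activityDateTime": "2026-03-11T22:05:00Z", "activityType": "Retire ManagedDevice",
     "actor": {"userPrincipalName": "mdm-admin@corp.example"},
     "resources": [{"displayName": "LAPTOP-0002"}]},
    {"activityDateTime": "2026-03-11T22:30:00Z", "activityType": "Patch DeviceConfiguration",
     "actor": {"userPrincipalName": "mdm-admin@corp.example"},
     "resources": [{"displayName": "Baseline-Win11"}]},
    {"activityDateTime": "2026-03-11T23:03:00Z", "activityType": "Wipe ManagedDevice",
     "actor": {"userPrincipalName": "svc-helpdesk@corp.example"},
     "resources": [{"displayName": "LAPTOP-0103"}]},
    {"activityDateTime": "2026-03-11T23:00:00Z", "activityType": "Wipe ManagedDevice",
     "actor": {"userPrincipalName": "svc-helpdesk@corp.example"},
     "resources": [{"displayName": "LAPTOP-0100"}]},
    {"activityDateTime": "2026-03-11T23:01:00Z", "activityType": "Wipe ManagedDevice",
     "actor": {"userPrincipalName": "svc-helpdesk@corp.example"},
     "resources": [{"displayName": "LAPTOP-0101"}]},
    {"activityDateTime": "2026-03-11T23:02:00Z", "activityType": "Wipe ManagedDevice",
     "actor": {"userPrincipalName": "svc-helpdesk@corp.example"},
     "resources": [{"displayName": "LAPTOP-0102"}]},
    {"activityDateTime": "2026-03-11T23:04:00Z", "activityType": "Wipe ManagedDevice",
     "actor": {"userPrincipalName": "svc-helpdesk@corp.example"},
     "resources": [{"displayName": "LAPTOP-0104"}]},
])

# Assumption: the only identities allowed to issue wipe/retire actions.
APPROVED_ACTORS = {"mdm-admin@corp.example"}

# Assumption: destructive actions carry one of these words in activityType/displayName.
DESTRUCTIVE_KEYWORDS = ("wipe", "retire", "delete")


def load_events(raw_json):
    """Parse an export that is either a bare JSON list or a Graph page with 'value'."""
    data = json.loads(raw_json)
    return data["value"] if isinstance(data, dict) else data


def parse_time(stamp):
    """Graph timestamps are ISO 8601 with a trailing Z; return a tz-aware datetime."""
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))


def is_destructive(event):
    text = f"{event.get('activityType', '')} {event.get('displayName', '')}".lower()
    return any(word in text for word in DESTRUCTIVE_KEYWORDS)


def actor_of(event):
    """Prefer the signed-in UPN; fall back to an app identity for service principals."""
    actor = event.get("actor") or {}
    return (actor.get("userPrincipalName")
            or actor.get("applicationDisplayName")
            or "<unknown>")


def destructive_counts(events):
    """Destructive actions per actor, for a quick triage table."""
    counts = defaultdict(int)
    for ev in events:
        if is_destructive(ev):
            counts[actor_of(ev)] += 1
    return dict(counts)


def find_suspicious_wipes(events, approved_actors, max_per_window=5,
                          window=timedelta(minutes=30)):
    """Findings for (a) destructive actions by an actor outside approved_actors and
    (b) any actor reaching max_per_window destructive actions inside `window`
    (a bulk wipe; reported once per actor). Events are sorted by time first."""
    findings = []
    recent = defaultdict(list)   # actor -> timestamps still inside the window
    bulk_reported = set()
    for ev in sorted(events, key=lambda e: parse_time(e["activityDateTime"])):
        if not is_destructive(ev):
            continue
        actor, ts = actor_of(ev), parse_time(ev["activityDateTime"])
        targets = [r.get("displayName") or r.get("resourceId", "?")
                   for r in ev.get("resources", [])]
        if actor not in approved_actors:
            findings.append({"rule": "unapproved-actor", "actor": actor,
                             "time": ts.isoformat(), "targets": targets})
        # Sliding window: keep only timestamps within `window` of this event.
        recent[actor] = [t for t in recent[actor] if ts - t <= window] + [ts]
        if len(recent[actor]) >= max_per_window and actor not in bulk_reported:
            bulk_reported.add(actor)
            findings.append({"rule": "bulk-wipe", "actor": actor,
                             "count": len(recent[actor]),
                             "window_minutes": window.total_seconds() / 60,
                             "time": ts.isoformat()})
    return findings


if __name__ == "__main__":
    events = load_events(SAMPLE_EVENTS)
    print("destructive actions per actor:", destructive_counts(events))
    for finding in find_suspicious_wipes(events, APPROVED_ACTORS):
        print(json.dumps(finding))
```

Against the constructed sample the approved admin's two routine actions produce no findings, while the helpdesk service account produces five unapproved-actor findings and one bulk-wipe finding. In production the allow-list should be derived from the Intune role assignments reviewed in step 1, and the threshold set below the largest batch a legitimate operator issues, so that an actor wiping hundreds of devices trips the rule within minutes rather than after the fleet is gone.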

Incident: Sustained Targeting of Western Critical Infrastructure

  • Date: January 2026 (Ongoing)
  • Location: North America and Europe
  • Key Actors: APT44 (a.k.a. Sandworm), a Russia-linked threat actor

Mandiant and Amazon reported sustained targeting of Western critical infrastructure via misconfigured network edge devices, VPNs, and collaboration platforms. APT44 is known for developing destructive tooling such as the ZeroLot wiper and retooled versions of the Industroyer malware.

⛵️ Maritime Events

Incident: Multiple Projectile Attacks on Commercial Vessels

  • Date: March 10–14, 2026
  • Location: Arabian Gulf, Strait of Hormuz, Gulf of Oman, Black Sea
  • Key Actors: Unknown Projectiles (Suspected State- or Proxy-Sponsored Attacks)

At least three commercial vessels were hit by unknown projectiles in the maritime domain surrounding the UAE and Iraq, causing fires and crew evacuations. The U.S. Maritime Administration (MARAD) issued a security advisory (2026-004) due to Iran’s continuing threat and attacks on commercial vessels in the region. Separately, a Greek-flagged tanker, the MARAN HOMER, was struck by a suspected drone or small missile off the Russian port of Novorossiysk in the Black Sea.

Geolocation Context: The high-risk area for attacks now spans the Northern Arabian Gulf, the Strait of Hormuz (a critical choke point), and the Gulf of Oman. The Black Sea incident suggests geopolitical maritime risk is widening to include critical Russian port approaches.

Tactical Recommendations:

  1. Increased Vigilance: U.S.-flagged vessels must comply with U.S. Coast Guard Maritime Security Directive 104-6 and report all suspicious activity immediately to UKMTO and the U.S. Fifth Fleet Battle Watch.
  2. Risk Assessment: Vessels scheduled for transit through the Arabian Gulf, Strait of Hormuz, or Gulf of Oman should assess recent port calls (particularly UAE and Iraqi ports) for elevated exposure risk before entering the regional threat environment.

👠 Crime or Organized Crime / Financial Crimes / Supply Chain Threats

Incident: Major Black-Market Drug Diversion Scheme

  • Date: March 16, 2026 (Sentencing)
  • Location: United States (Nationwide)
  • Key Actors: Owners and CEO of a Wholesale Pharmaceutical Company

Two pharmaceutical wholesale company owners received a combined sentence of 38 years for orchestrating a complex scheme that distributed over $92 million in black-market HIV drugs. The scheme corrupted the prescription drug supply chain and put vulnerable HIV-positive patients at risk.

Incident: Transnational Organized Crime Leader Arrested

  • Date: March 13, 2026
  • Location: United States (Arrest) / Chile (Charges)
  • Key Actors: Rafael Enrique Gamez Salas (Leader of ‘Los Piratas’/Tren de Aragua cell)

A Venezuelan national and alleged leader of ‘Los Piratas,’ the Chilean cell of the Venezuelan transnational criminal organization Tren de Aragua (TdA), was arrested in the US at the request of Chile. Gamez Salas faces charges including extortion, kidnapping resulting in homicide, and criminal association.

💥 Activism/Terrorism and DVE

Incident: ISIS Supporters Charged with Explosive Plot

  • Date: March 9, 2026 (Charges)
  • Location: New York City, US
  • Key Actors: Two alleged ISIS Supporters

Two individuals who allegedly supported ISIS were charged with attempting to detonate explosive devices during protests outside Gracie Mansion. This highlights the persistent threat of International Violent Extremists (IVE) attempting to use domestic social unrest as cover for attacks.

Incident: Continued Anti-Government/Partisan Extremist Mobilization

  • Date: Ongoing (March 2026)
  • Location: United States
  • Key Actors: Partisan Political Extremists, Racially/Ethnically Motivated Violent Extremists (RMVE)

Analysis confirms that terrorist attacks and plots motivated by partisan political beliefs against government targets have nearly tripled in the last five years compared to the previous 25. Targets primarily include government officials, law enforcement, and infrastructure.

Tactical Recommendations:

  1. Insider Threat Mitigation: Given the domestic violent extremist (DVE) focus on government and defense targets, ensure robust background checks and continuous monitoring programs for employees with access to sensitive infrastructure or data.
  2. Physical Security Posture: Increase security posture around facilities during planned or highly contentious political events, recognizing the vulnerability of government and law enforcement targets to ideologically motivated violence.